CVE-2016-2047Improper Certificate Validation in Mariadb

CWE-254CWE-295Improper Certificate Validation9 documents7 sources
Severity
5.9MEDIUMNVD
EPSS
1.7%
top 17.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
MariadbOracle MysqlCanonical Ubuntu Linux+4 more
Timeline
PublishedJan 27
Latest updateMay 13

Description

The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "/CN=" string in a field in a certificate, as d

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages4 packages

NVDoracle/mysql5.5.05.5.48+2
NVDmariadb/mariadb5.5.205.5.47+2
NVDopensuse/leap42.1

Also affects: Debian Linux 8.0, 9.0, Ubuntu Linux 12.04, 14.04, 15.10, 16.04, Enterprise Linux 6.0, 7.0

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

3
GHSA
GHSA-gw5g-54qg-7583: The ssl_verify_server_cert function in sql-common/client2022-05-13
CVEList
CVE-2016-2047: The ssl_verify_server_cert function in sql-common/client2016-01-27
OSV
CVE-2016-2047: The ssl_verify_server_cert function in sql-common/client2016-01-27

📋Vendor Advisories

3
Ubuntu
MySQL vulnerabilities2016-04-25
Ubuntu
MySQL vulnerabilities2016-04-21
Red Hat
mysql: ssl-validate-cert incorrect hostname check2015-11-30

💬Community

1
Bugzilla
CVE-2016-2047 mysql: ssl-validate-cert incorrect hostname check2016-01-26
CVE-2016-2047 — Improper Certificate Validation | cvebase