MySQL Authentication Bypass Network Vulnerability

Summary

MySQL is prone to an Authentication Bypass. Successful exploitation will yield unauthorized access to the database. All MariaDB and MySQL versions up to 5.1.61, 5.2.11, 5.3.5, 5.5.23 are vulnerable. MariaDB versions from 5.1.62, 5.2.12, 5.3.6, 5.5.23 are not. MySQL versions from 5.1.63, 5.5.24, 5.6.6 are not.

References

http://bugs.mysql.com/bug.php?id=64884
http://seclists.org/oss-sec/2012/q2/493
https://mariadb.atlassian.net/browse/MDEV-212

Updated on 2017-03-28

Severity

Classification

CVE CVE-2012-2122

CVSS	Base Score: 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Oracle MySQL Multiple Unspecified vulnerabilities-04 Feb15 (Windows)
Oracle MySQL Multiple Unspecified vulnerabilities-03 Oct14 (Windows)
Oracle MySQL Multiple Unspecified vulnerabilities-01 Oct14 (Windows)
Oracle MySQL Multiple Unspecified vulnerabilities - 01 Jan14 (Windows)
Oracle MySQL Multiple Unspecified vulnerabilities - 02 Jan14 (Windows)

Take action and discover your vulnerabilities