MySQL Connector/Net SSL Certificate Validation Security Bypass Vulnerability Network Vulnerability

Summary

This host is installed with MySQL Connector/Net and is prone to security bypass vulnerability.

Impact

Successful exploitation will allow attackers to perform man-in-the-middle attacks, which will aid in further attacks. Impact Level: Application

Solution

Upgrade to the latest version of MySQL Connector/Net 6.0.4 or later, For updates refer to http://dev.mysql.com/downloads/connector/net

Insight

The flaw is caused by improper verification of certificates when using SSL connections that allow remote attackers to conduct spoofing attacks.

Affected

MySQL Connector/Net 6.0.3 and prior.

References

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 5.8 AV:N/AC:M/Au:N/C:N/I:P/A:P

Related Vulnerabilities

Take action and discover your vulnerabilities