MySQL Connector/Net SSL Certificate Validation Security Bypass Vulnerability

  1. Network Vulnerabilities
  2. General
  3. MySQL Connector/Net SSL Certificate Validation Security Bypass Vulnerability
Summary
This host is installed with MySQL Connector/Net and is prone to security bypass vulnerability.
Impact
Successful exploitation will allow attackers to perform man-in-the-middle attacks, which will aid in further attacks. Impact Level: Application
Solution
Upgrade to the latest version of MySQL Connector/Net 6.0.4 or later, For updates refer to http://dev.mysql.com/downloads/connector/net
Insight
The flaw is caused by improper verification of certificates when using SSL connections that allow remote attackers to conduct spoofing attacks.
Affected
MySQL Connector/Net 6.0.3 and prior.
References
Updated on 2015-03-25
Severity
Medium Severity
Classification
Related Vulnerabilities