MySQL Authentication Bypass Network Vulnerability

Summary

MySQL is prone to an Authentication Bypass. Successful exploitation will yield unauthorized access to the database. All MariaDB and MySQL versions up to 5.1.61, 5.2.11, 5.3.5, 5.5.23 are vulnerable. MariaDB versions from 5.1.62, 5.2.12, 5.3.6, 5.5.23 are not. MySQL versions from 5.1.63, 5.5.24, 5.6.6 are not.

References

http://bugs.mysql.com/bug.php?id=64884
http://seclists.org/oss-sec/2012/q2/493
https://mariadb.atlassian.net/browse/MDEV-212

Updated on 2017-03-28

Severity

Classification

CVE CVE-2012-2122
CVSS Base Score: 5.1
AV:N/AC:H/Au:N/C:P/I:P/A:P

Related Vulnerabilities

IBM DB2 Multiple Security Bypass Vulnerabilities
Oracle MySQL Multiple Unspecified vulnerabilities-01 Oct14 (Windows)
Oracle MySQL Server Component 'Replication' Unspecified vulnerability Oct-2013 (Windows)
IBM DB2 OLAP Specification Query Denial of Service Vulnerability
MySQL Unspecified vulnerabilities-01 July-2013 (Windows)

Take action and discover your vulnerabilities