| VID |
25173 |
| Severity |
30 |
| Port |
3306 |
| Protocol |
TCP |
| Class |
DB |
| Detailed Description |
The version of MySQL 5.7 installed on the remote host is earlier than 5.7.3 and is, therefore, affected by a security feature bypass vulnerability known as 'BACKRONYM' due to a failure to properly enforce the requirement of an SSL/TLS connection when the --ssl client option is used. A man-in-the-middle attacker can exploit this flaw to coerce the client to downgrade to an unencrypted connection, allowing the attacker to disclose data from the database or manipulate database queries.
* Note: This check solely relied on the banner of the remote MySQL server to assess this vulnerability, so this might be a false positive.
* References:
http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-3.html
http://backronym.fail/
* Platforms Affected:
MySQL versions 5.7 prior to 5.7.3
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of MySQL (5.7.3 or later), available from the MySQL Download Web site at http://dev.mysql.com/downloads/ |
| Related URL |
CVE-2015-3152 (CVE) |
| Related URL |
74398 (SecurityFocus) |
| Related URL |
(ISS) |
|
