// For flags

CVE-2017-3305

mysql: incorrect enforcement of ssl-mode=REQUIRED in MySQL 5.5 and 5.6

Severity Score

5.3
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.5.55 and earlier and 5.6.35 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue allows man-in-the-middle attackers to hijack the authentication of users by leveraging incorrect ordering of security parameter verification in a client, aka, "The Riddle".

Se ha descubierto una vulnerabilidad en el componente MySQL Server de Oracle MySQL (subcomponente: Servidor: C API). Las versiones compatibles que se ven afectadas son versión 5.5.55 y anteriores y versión 5.6.35 y anteriores. Una vulnerabilidad difícil de explotar permite que un atacante con pocos privilegios con acceso a la red por medio de múltiples protocolos ponga en peligro el servidor MySQL. Los ataques con éxito de esta vulnerabilidad pueden resultar en un acceso no autorizado a información crítica o acceso completo a todos los datos disponibles del Servidor MySQL. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N). NOTA: la información anterior es de la CPU de abril de 2017. Oracle no ha comentado sobre las afirmaciones de terceros de que este problema permite a los atacantes de tipo man-in-the-middle secuestrar la autenticación de los usuarios aprovechando el pedido incorrecto de la comprobación de los parámetros de seguridad en un cliente, también conocido como "The Riddle".

It was discovered that the MySQL client command line tools only checked after authentication whether server supported SSL. A man-in-the-middle attacker could use this flaw to hijack client's authentication to the server even if the client was configured to require SSL connection.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Medium
Authentication
Single
Confidentiality
Complete
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2016-12-06 CVE Reserved
  • 2017-04-24 CVE Published
  • 2024-06-16 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-319: Cleartext Transmission of Sensitive Information
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Oracle
Search vendor "Oracle"
 Mysql
Search vendor "Oracle" for product "Mysql"
 >= 5.5.0 <= 5.5.55
Search vendor "Oracle" for product "Mysql" and version " >= 5.5.0 <= 5.5.55"
-
Affected
Oracle
Search vendor "Oracle"
 Mysql
Search vendor "Oracle" for product "Mysql"
 >= 5.6.0 <= 5.6.35
Search vendor "Oracle" for product "Mysql" and version " >= 5.6.0 <= 5.6.35"
-
Affected
Debian
Search vendor "Debian"
 Debian Linux
Search vendor "Debian" for product "Debian Linux"
 8.0
Search vendor "Debian" for product "Debian Linux" and version "8.0"
-
Affected