CVE-2015-3152
high-risk
Published 2016-05-16
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack.
Do I need to act?
!
51.7% chance of exploitation in next 30 days
EPSS score — higher than 48% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.9/10
Medium
NETWORK
/ HIGH complexity
Affected Products (20)
References (34)
Third Party Advisory
http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory...
Third Party Advisory
http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1646.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1647.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1665.html
Third Party Advisory
http://www.debian.org/security/2015/dsa-3311
Vendor Advisory
http://www.ocert.org/advisories/ocert-2015-003.html
Third Party Advisory
http://www.securityfocus.com/archive/1/535397/100/1100/threaded
Third Party Advisory
http://www.securityfocus.com/bid/74398
Third Party Advisory
http://www.securitytracker.com/id/1032216
Third Party Advisory
https://access.redhat.com/security/cve/cve-2015-3152
Issue Tracking
https://jira.mariadb.org/browse/MDEV-7937
Third Party Advisory
https://www.duosecurity.com/blog/backronym-mysql-vulnerability
and 14 more references
57
/ 100
high-risk
Severity
18/34 · Moderate
Exploitability
18/34 · Moderate
Exposure
21/34 · High