CVE-2016-2047
Published on: 01/27/2016 12:00:00 AM UTC
Last Modified on: 03/23/2021 11:27:15 PM UTC
Certain versions of Ubuntu Linux from Canonical contain the following vulnerability:
The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "/CN=" string in a field in a certificate, as demonstrated by "/OU=/CN=bar.com/CN=foo.com."
- CVE-2016-2047 has been assigned by
[email protected] to track the vulnerability - currently rated as MEDIUM severity.
CVSS3 Score: 5.9 - MEDIUM
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
|
---|---|---|---|---|
NETWORK | HIGH | NONE | NONE | |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
|
UNCHANGED | NONE | HIGH | NONE |
CVSS2 Score: 4.3 - MEDIUM
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
NETWORK | MEDIUM | NONE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
NONE | PARTIAL | NONE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
[security-announce] SUSE-SU-2016:1619-1: important: Security update for | Mailing List Third Party Advisory lists.opensuse.org text/html |
![]() |
Oracle.com Outage | Patch Vendor Advisory www.oracle.com text/html Inactive LinkNot Archived |
![]() |
MariaDB/MySQL/Percona Server CVE-2016-2047 SSL Certificate Validation Security Bypass Vulnerability | Third Party Advisory VDB Entry cve.report (archive) text/html |
![]() |
Red Hat Customer Portal | Third Party Advisory web.archive.org text/html Inactive LinkNot Archived |
![]() |
Red Hat Customer Portal | Third Party Advisory web.archive.org text/html Inactive LinkNot Archived |
![]() |
USN-2954-1: MySQL vulnerabilities | Ubuntu | Third Party Advisory www.ubuntu.com text/html |
![]() |
MariaDB 5.5.47 Release Notes - MariaDB Knowledge Base | Vendor Advisory mariadb.com text/html |
![]() |
Debian -- Security Information -- DSA-3557-1 mysql-5.5 | Third Party Advisory www.debian.org Depreciated Link text/html |
![]() |
[security-announce] openSUSE-SU-2016:1664-1: important: Security update | Mailing List Third Party Advisory lists.opensuse.org text/html |
![]() |
[security-announce] SUSE-SU-2016:1279-1: important: Security update for | Mailing List Third Party Advisory lists.opensuse.org text/html |
![]() |
[security-announce] SUSE-SU-2016:1620-1: important: Security update for | Mailing List Third Party Advisory lists.opensuse.org text/html |
![]() |
[security-announce] openSUSE-SU-2016:1686-1: important: Security update | Third Party Advisory lists.opensuse.org text/html |
![]() |
Oracle Linux Bulletin - April 2016 | Third Party Advisory www.oracle.com text/html |
![]() |
Debian -- Security Information -- DSA-3453-1 mariadb-10.0 | Third Party Advisory www.debian.org Depreciated Link text/html |
![]() |
Red Hat Customer Portal | Third Party Advisory web.archive.org text/html Inactive LinkNot Archived |
![]() |
MySQL Multiple Bugs Let Remote Users Access and Modify Data and Deny Service and Let Remote and Remote Authenticated Users Gain Elevated Privileges - SecurityTracker | Third Party Advisory VDB Entry www.securitytracker.com text/html |
![]() |
USN-2953-1: MySQL vulnerabilities | Ubuntu | Third Party Advisory www.ubuntu.com text/html |
![]() |
MariaDB 10.0.23 Release Notes - MariaDB Knowledge Base | Vendor Advisory mariadb.com text/html |
![]() |
Red Hat Customer Portal | Third Party Advisory access.redhat.com text/html |
![]() |
[MDEV-9212] ssl-validate-cert incorrect hostname check - JIRA | Vendor Advisory mariadb.atlassian.net text/html |
![]() |
oss-security - Flaw in mariadb clients SSL certificate validation | Mailing List Third Party Advisory www.openwall.com text/html |
![]() |
Red Hat Customer Portal | Third Party Advisory web.archive.org text/html Inactive LinkNot Archived |
![]() |
MariaDB 10.1.10 Release Notes - MariaDB Knowledge Base | Vendor Advisory mariadb.com text/html |
![]() |
[security-announce] openSUSE-SU-2016:1332-1: important: Security update | Mailing List Third Party Advisory lists.opensuse.org text/html |
![]() |
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Operating System | Canonical | Ubuntu Linux | 12.04 | All | All | All |
Operating System | Canonical | Ubuntu Linux | 14.04 | All | All | All |
Operating System | Canonical | Ubuntu Linux | 15.10 | All | All | All |
Operating System | Canonical | Ubuntu Linux | 16.04 | All | All | All |
Operating System | Canonical | Ubuntu Linux | 12.04 | All | All | All |
Operating System | Canonical | Ubuntu Linux | 14.04 | All | All | All |
Operating System | Canonical | Ubuntu Linux | 15.10 | All | All | All |
Operating System | Canonical | Ubuntu Linux | 16.04 | All | All | All |
Operating System | Debian | Debian Linux | 8.0 | All | All | All |
Operating System | Debian | Debian Linux | 9.0 | All | All | All |
Operating System | Debian | Debian Linux | 8.0 | All | All | All |
Operating System | Debian | Debian Linux | 9.0 | All | All | All |
Application | Mariadb | Mariadb | All | All | All | All |
Application | Mariadb | Mariadb | All | All | All | All |
Operating System | Opensuse | Leap | 42.1 | All | All | All |
Operating System | Opensuse | Leap | 42.1 | All | All | All |
Operating System | Oracle | Linux | 7 | All | All | All |
Operating System | Oracle | Linux | 7 | All | All | All |
Application | Oracle | Mysql | All | All | All | All |
Application | Oracle | Mysql | All | All | All | All |
Application | Oracle | Mysql | All | All | All | All |
Operating System | Redhat | Enterprise Linux | 6.0 | All | All | All |
Operating System | Redhat | Enterprise Linux | 7.0 | All | All | All |
Operating System | Redhat | Enterprise Linux | 6.0 | All | All | All |
Operating System | Redhat | Enterprise Linux | 7.0 | All | All | All |
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*:
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*:
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*:
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*:
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*:
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*:
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*:
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*:
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*:
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*:
- cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*:
- cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*:
- cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*:
- cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*:
- cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*:
- cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*:
- cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*:
- cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*:
- cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE