CVE-2015-3152 - OpenCVE

Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack.

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Oracle	Mysql Mysql Connector\/c
Redhat	Enterprise Linux Server Aus Enterprise Linux Server Tus Enterprise Linux Desktop Enterprise Linux Workstation Enterprise Linux Server Enterprise Linux Eus
Fedoraproject	Fedora
Debian	Debian Linux
Mariadb	Mariadb
Php	Php

Configuration 1 [-]

OR	cpe:2.3:a:oracle:mysql::::::::
	cpe:2.3:a:oracle:mysql_connector\/c::::::::

Configuration 2 [-]

OR	cpe:2.3:a:mariadb:mariadb::::::::
	cpe:2.3:a:mariadb:mariadb::::::::

Configuration 3 [-]

OR	cpe:2.3:o:fedoraproject:fedora:21:::::::*
	cpe:2.3:o:fedoraproject:fedora:22:::::::*

Configuration 4 [-]

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 5 [-]

OR	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:7.1:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:7.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:7.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

Configuration 6 [-]

OR	cpe:2.3:a:php:php::::::::
	cpe:2.3:a:php:php::::::::
	cpe:2.3:a:php:php::::::::

References

Link	Resource
http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161436.html	Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161625.html	Mailing List Third Party Advisory
http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/	Exploit Third Party Advisory
http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/	Third Party Advisory
http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html	Third Party Advisory VDB Entry
http://rhn.redhat.com/errata/RHSA-2015-1646.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1647.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1665.html	Third Party Advisory
http://www.debian.org/security/2015/dsa-3311	Third Party Advisory
http://www.ocert.org/advisories/ocert-2015-003.html	Vendor Advisory
http://www.securityfocus.com/archive/1/535397/100/1100/threaded	Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/74398	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032216	Third Party Advisory VDB Entry
https://access.redhat.com/security/cve/cve-2015-3152	Third Party Advisory
https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390	Patch Third Party Advisory
https://jira.mariadb.org/browse/MDEV-7937	Issue Tracking Vendor Advisory
https://www.duosecurity.com/blog/backronym-mysql-vulnerability	Third Party Advisory