Vulnerability Name:

CVE-2012-5627 (CCN-80553)

Assigned: 2012-12-06
Published: 2012-12-06
Updated: 2022-08-29
Summary: Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 do not modify the salt during multiple executions of the change_user command within the same connection, which makes it easier for remote authenticated users to conduct brute force password guessing attacks.
CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): Low
Availability (A): None
CVSS v2 Severity: 4.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N)
3.1 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): Single Instance
Impact Metrics: Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
3.9 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
Vulnerability Type: CWE-522
Vulnerability Consequences: Bypass Security
References:

Source: MITRE
Type: CNA
CVE-2012-5627

Source: CCN
Type: MySQL Web site
MySQL

Source: FULLDISC
Type: Exploit, Mailing List, Third Party Advisory
20121203 MySQL Local/Remote FAST Account Password Cracking

Source: FULLDISC
Type: Exploit, Mailing List, Third Party Advisory
20121205 Re: MySQL Local/Remote FAST Account Password Cracking

Source: CCN
Type: seclists Web site
Re: CVE request: Mysql/Mariadb insecure salt-usage

Source: MLIST
Type: Mailing List, Third Party Advisory
[oss-security] 20121206 Re: CVE request: Mysql/Mariadb insecure salt-usage

Source: SECUNIA
Type: Not Applicable
53372

Source: GENTOO
Type: Patch, Third Party Advisory, VDB Entry
GLSA-201308-06

Source: MANDRIVA
Type: Broken Link
MDVSA-2013:102

Source: CCN
Type: BID-56837
Oracle MySQL and MariaDB CVE-2012-5627 Insecure Salt Generation Security Bypass Weakness

Source: MISC
Type: Patch, Issue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=883719

Source: XF
Type: UNKNOWN
mysql-mariadb-salt-sec-bypass(80553)

Source: CCN
Type: MariaDB Web site
COM_CHANGE_USER allows fast password brute-forcing

Source: CONFIRM
Type: Broken Link, Vendor Advisory
https://mariadb.atlassian.net/browse/MDEV-3915

Vulnerable Configuration:

Configuration 1:
  • cpe:/a:oracle:mysql:*:*:*:*:*:*:*:* (Version >= 5.5.0 and < 5.5.29)

Configuration 2:
  • cpe:/a:mariadb:mariadb:10.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:mariadb:mariadb:*:*:*:*:*:*:*:* (Version >= 5.2.0 and < 5.2.14)
  • OR cpe:/a:mariadb:mariadb:*:*:*:*:*:*:*:* (Version >= 5.3.0 and < 5.3.12)
  • OR cpe:/a:mariadb:mariadb:*:*:*:*:*:*:*:* (Version >= 5.5.0 and < 5.5.29)

Configuration CCN 1:
  • cpe:/a:oracle:mysql:5.1.53:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.5.19:*:*:*:*:*:*:*
  • OR cpe:/a:mariadb:mariadb:5.5.28a:*:*:*:*:*:*:*
  • OR cpe:/a:mariadb:mariadb:5.3.11:*:*:*:*:*:*:*
  • OR cpe:/a:mariadb:mariadb:5.2.13:*:*:*:*:*:*:*
  • OR cpe:/a:mariadb:mariadb:5.1.66:*:*:*:*:*:*:*

* Denotes that component is vulnerable
Oval Definitions

Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:20125627 | V | CVE-2012-5627 | 2022-06-30
oval:org.opensuse.security:def:993 | P | Security update for helm-mirror (Moderate) | 2022-05-31
oval:org.opensuse.security:def:1515 | P | Security update for MozillaThunderbird (Important) | 2022-05-17
oval:org.opensuse.security:def:112715 | P | libmysqlclient-devel-10.0.22-3.8 on GA media (Moderate) | 2022-01-17
oval:org.opensuse.security:def:64636 | P | Security update for python3 (Moderate) | 2021-12-13
oval:org.opensuse.security:def:1048 | P | Security update for wireshark (Moderate) | 2021-12-06
oval:org.opensuse.security:def:68070 | P | Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP1) (Important) | 2021-10-14
oval:org.opensuse.security:def:106188 | P | libmysqlclient-devel-10.0.22-3.8 on GA media (Moderate) | 2021-10-01
oval:org.opensuse.security:def:97015 | P | libmysqld-devel-10.2.22-3.14.1 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:103705 | P | libmysqld-devel-10.2.22-3.14.1 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:71423 | P | xscreensaver-5.37-3.51 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:71310 | P | libserf-1-1-1.3.9-2.31 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:63215 | P | libmysqld-devel-10.2.22-3.14.1 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:90050 | P | libmysqld-devel-10.2.22-3.14.1 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:2126 | P | libmysqld-devel-10.2.22-3.14.1 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:47898 | P | syslog-service-2.0-778.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47515 | P | tftp-5.2-10.3 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48122 | P | libhivex0-1.3.10-4.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47650 | P | java-1_7_0-openjdk-1.7.0.181-43.15.2 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47975 | P | coreutils-8.25-13.7.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47570 | P | bzip2-1.0.6-29.2 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48215 | P | libvirglrenderer0-0.5.0-11.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47705 | P | libexif12-0.6.21-8.3.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47514 | P | tcpdump-4.9.0-13.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48030 | P | grub2-2.02-12.15.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47529 | P | xdg-utils-20140630-5.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48270 | P | perl-XML-LibXML-2.0019-6.3.5 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47843 | P | pam_ssh-2.0-1.39 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47569 | P | busybox-1.21.1-3.3 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48067 | P | libQt5Concurrent5-5.6.2-6.15.2 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47584 | P | cups-1.7.5-20.17.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:64723 | P | Security update for libgcrypt (Important) | 2021-06-24
oval:org.opensuse.security:def:1570 | P | Security update for salt (Critical) | 2021-06-21
oval:org.opensuse.security:def:48429 | P | glibc-2.22-49.16 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48797 | P | libpolkit0-32bit-0.113-5.6.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48575 | P | logwatch-7.4.3-15.65 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48671 | P | freerdp-1.0.2-7.9 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48484 | P | libblkid1-2.28-40.28 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48630 | P | sysconfig-0.84.0-13.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48726 | P | icu-52.1-7.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48513 | P | libjson-c2-0.11-2.15 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48640 | P | update-alternatives-1.18.4-14.216 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48742 | P | libqt4-sql-mysql-32bit-4.8.6-4.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48568 | P | libvte9-0.28.2-19.7 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48695 | P | libssh4-0.6.3-1.4 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:67970 | P | Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP1) (Important) | 2021-04-28
oval:org.opensuse.security:def:63160 | P | libmysqld-devel-10.2.15-1.3 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:2071 | P | libmysqld-devel-10.2.15-1.3 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:49902 | P | rmt-server-pubcloud on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49957 | P | libopenvswitch-2_8-0 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49956 | P | libmysqld-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:50011 | P | libmysqld-devel on GA media (Moderate) | 2020-12-01
oval:com.ubuntu.precise:def:20125627000 | V | CVE-2012-5627 on Ubuntu 12.04 LTS (precise) - low. | 2013-10-01
oval:com.ubuntu.trusty:def:20125627000 | V | CVE-2012-5627 on Ubuntu 14.04 LTS (trusty) - low. | 2013-10-01