MySQL Connector/NET prior to 6.0.4, when using encryption, does not verify SSL certificates during connection, which allows remote malicious users to perform a man-in-the-middle attack with a spoofed SSL certificate.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle mysql connector\\/net 6.0.1 |
||
oracle mysql connector\\/net 6.0.0 |
||
oracle mysql connector\\/net |
||
oracle mysql connector\\/net 6.0.2 |