CVE-2012-5627

CVE-2012-5627 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.

Learn more about our Cis Benchmark Audit For Mariadb.