Public Date:
CWE-704 -> CWE-393 -> CWE-305
814605: CVE-2012-2122 mysql: incorrect type cast in check_scramble() leading to authentication bypass

The MITRE CVE dictionary describes this issue as:

sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp function, allows remote attackers to bypass authentication by repeatedly authenticating with the same incorrect password, which eventually causes a token comparison to succeed due to an improperly-checked return value.

Find out more about CVE-2012-2122 from the MITRE CVE dictionary dictionary and NIST NVD.


This issue does not affect MySQL as shipped with Red Hat Enterprise Linux 4, 5, or 6. For a technical explanation please see

CVSS v2 metrics

NOTE: The following CVSS v2 metrics and score provided are preliminary and subject to review.

Base Score 7.5
Base Metrics AV:N/AC:L/Au:N/C:P/I:P/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 6 mysql Affected
Red Hat Enterprise Linux 5 mysql Affected