Oracle MySQL Connectors 8.0.x Denial of Service (DoS) Vulnerability (CPUJAN2023) Detected on NFA Console server 23.3.3+

Article ID: 374005

Products

CA Network Flow Analysis (NetQos / NFA)

Issue/Introduction

We are running NFA version 23.3.3+. Recently our security team reported a critical vulnerability in the MySQL ODBC driver.

Vulnerability Result
HKLM\SOFTWARE\Wow6432Node\MySQL AB\MySQL Connector/ODBC 8.0 Version = 8.0.29 C:\Program Files (x86)\MySQL\Connector ODBC 8.0\myodbc8w.dll found
 
As per the release notes (DX NetOps Network Flow Analysis - 23.3), NFA 23.3.2 already includes MySQL ODBC Connector 8.0.33. So how can we stop getting false alerts from 8.0.29?

Environment

NFA 23.3.2+

Cause

The MySQL ODBC connector was upgraded from 8.0.29 to 8.0.33 in NFA 23.3.2.

However, the upgrade does not remove the pre-existing entries for ODBC Connector 8.0.29 left over from previous installs.

Resolution

Check the registry key:

HKLM\SOFTWARE\Wow6432Node\MySQL AB\MySQL Connector

Do you see separate entries that say "8.0.29" and "8.0.33" (or a version higher than 8.0.33)?

If so, you can safely remove the "extra" registry key:

HKLM\SOFTWARE\Wow6432Node\MySQL AB\MySQL Connector/ODBC 8.0

that points to 8.0.29, and keep the one that points to 8.0.33+.
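
To confirm which entries the scanner is reading before removing anything, the following read-only audit lists each connector key with its Version value, shows the version of the driver DLL on disk, and exports a backup of the parent key. It is an added example, not vendor-supplied code; it assumes a 64-bit PowerShell session, and the backup file name is a placeholder.

```powershell
# Added example (not vendor code). Read-only audit: nothing is deleted.
# Key path, "Version" value name, DLL path and the 8.0.33 baseline come from the article.
$parentPath = 'SOFTWARE\Wow6432Node\MySQL AB'
$dllPath    = 'C:\Program Files (x86)\MySQL\Connector ODBC 8.0\myodbc8w.dll'
$minFixed   = [version]'8.0.33'

# Use the .NET registry API: the key name "MySQL Connector/ODBC 8.0" contains "/",
# which the PowerShell registry provider (HKLM:\...) treats as a path separator.
$hklm = [Microsoft.Win32.RegistryKey]::OpenBaseKey(
    [Microsoft.Win32.RegistryHive]::LocalMachine,
    [Microsoft.Win32.RegistryView]::Registry64)
$parent = $hklm.OpenSubKey($parentPath)
if (-not $parent) { Write-Warning "HKLM\$parentPath not found"; return }

$entries = foreach ($name in $parent.GetSubKeyNames()) {
    if ($name -notlike 'MySQL Connector*') { continue }
    $sub = $parent.OpenSubKey($name)
    $raw = [string]$sub.GetValue('Version')   # empty string if the value is absent
    $sub.Close()
    $ver = $raw -as [version]                 # $null if not parseable
    [pscustomobject]@{
        Key     = "HKLM\$parentPath\$name"
        Version = $raw
        Stale   = ($null -ne $ver -and $ver -lt $minFixed)
    }
}
$parent.Close(); $hklm.Close()
$entries | Format-Table -AutoSize

# Version of the driver binary actually on disk, to compare with the registry data.
if (Test-Path -LiteralPath $dllPath) {
    $fileVer = (Get-Item -LiteralPath $dllPath).VersionInfo.FileVersion
    "{0} FileVersion = {1}" -f $dllPath, $fileVer
}

# Export the parent key before any manual cleanup (file name is a placeholder).
if ($entries | Where-Object Stale) {
    $backup = Join-Path $env:TEMP 'MySQL_AB_backup.reg'
    & reg.exe export "HKLM\$parentPath" $backup /y | Out-Null
    "Stale entries found; backup written to $backup"
}
```

If the DLL itself still reports a version below 8.0.33, the finding is not only a leftover registry entry and the installed driver should be checked before the key is removed.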