DX NetOps Network Flow Analysis MySQL ODBC Connector Vulnerabilities


Article ID: 378147


Updated On:

Products

Network Observability

Issue/Introduction

Starting with NFA 23.3.13, we have added support for the 64-bit MySQL ODBC connector.

A recent security scan detected a 32-bit MySQL ODBC connector, version 8.0.37, under the following path:

C:\Program Files (x86)\MySQL\Connector ODBC 8.0\

We would like to check whether the 32-bit MySQL ODBC connector can be uninstalled from the NFA console server.

Environment

DX NetOps Network Flow Analysis 23.3.13+

Cause

NFA 23.3.13+ releases use both the 32-bit and 64-bit ODBC connectors.
However, scanners generally do not check version branches and compare only the version numbers. As a result, the 32-bit ODBC connector may be flagged as vulnerable even though it is newer (and fixes more vulnerabilities) than a 64-bit ODBC connector with a "higher" version number.

Resolution

  • The NFA 23.3.13 release uses both the 8.0.37 (32-bit) and 8.4 (64-bit) MySQL connectors.
  • As of this writing, the latest GA version of NFA (24.3.13) uses both the 8.0.37 (32-bit) and 9.3.0 (64-bit) MySQL connectors.
  • According to MySQL Connector/ODBC Downloads:

    • 8.0.43 is the latest 32-bit connector.
    • 9.4.0 is the latest 64-bit connector.
  • However, scanners generally do not check version branches and compare only the version numbers. As a result, while 8.0.37 should have the same vulnerabilities fixed as other versions, it may still be flagged differently because of this oversight.

 

Both connectors are required for NFA to function properly. The ETA for a future release in which all NFA components support 64-bit is still unknown at this time.

If a version of the 32-bit ODBC connector higher than 8.0.37 is required, please open a Support ticket for assistance.
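
The branch comparison described under Cause and Resolution can be applied when triaging a scanner finding, as in the following added example (not Broadcom or scanner-vendor code). The baseline table holds only the versions quoted above; treating major.minor as the branch, and the `installed` / `scanner_minimum` inputs, are assumptions.

```python
# Added example: branch-aware triage of a scanner finding.
# Baselines are the figures quoted in the article; the finding fields
# (installed, scanner_minimum) are a hypothetical scanner export format.

# Latest release per branch, keyed by (major, minor) as an assumed branch
# definition, from the article's quote of the Connector/ODBC Downloads page.
LATEST_IN_BRANCH = {(8, 0): (8, 0, 43), (9, 4): (9, 4, 0)}


def parse_version(text):
    """Turn '8.0.37' into (8, 0, 37); reject anything that is not x.y.z."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not an x.y.z version: {text!r}")
    return tuple(int(p) for p in parts)


def triage(installed, scanner_minimum):
    """Classify one finding; returns (verdict, latest_in_installed_branch)."""
    have, want = parse_version(installed), parse_version(scanner_minimum)
    latest = LATEST_IN_BRANCH.get(have[:2])  # None: no baseline recorded
    if have >= want:
        verdict = "satisfied"
    elif have[:2] != want[:2]:
        # The scanner's threshold comes from another branch, so a plain
        # numeric comparison says nothing about patch level in this branch.
        verdict = "cross-branch"
    else:
        verdict = "behind-in-branch"
    return verdict, latest


def fmt(version):
    """Render a version tuple, or 'unknown' when no baseline exists."""
    return ".".join(map(str, version)) if version else "unknown"


if __name__ == "__main__":
    # Constructed findings using the connector versions named in the article.
    findings = [
        ("32-bit", "8.0.37", "9.4.0"),   # threshold from the 9.x branch
        ("32-bit", "8.0.37", "8.0.43"),  # threshold from the same branch
        ("64-bit", "9.3.0", "9.4.0"),    # 9.3 has no baseline in the table
    ]
    for arch, installed, minimum in findings:
        verdict, latest = triage(installed, minimum)
        print(f"{arch} {installed} vs {minimum}: {verdict}, "
              f"latest in branch: {fmt(latest)}")
```

A `cross-branch` verdict means the finding should be re-checked against the installed branch's own latest release rather than accepted or dismissed on the version number alone.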