Microsoft JDBC Driver for SQL Server Spoofing Vulnerability

Vulnerability

A spoofing vulnerability has been identified in the Microsoft JDBC Driver for SQL Server. It stems from improper input validation, which allows an unauthorized attacker to manipulate network communications. Exploitation requires tricking a victim into connecting to a malicious server that presents a validly issued TLS certificate whose Organizational Unit field carries a spoofed Common Name value. The driver may mistakenly accept this certificate as belonging to the intended server, enabling the attacker to intercept SQL credentials and mount a man-in-the-middle attack on the encrypted database traffic.
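
To make the class of flaw concrete, the following added example (not the driver's code and not a reproduction of the actual fix) contrasts an illustrative hostname check that scans the certificate subject's DN text for "CN=" with one that reads only the parsed CN attribute. The DNs, the naive check and the small RFC 2253-style DN parser are constructed assumptions for illustration.

```python
# Constructed sample subject DNs (not taken from any real certificate).
LEGIT_DN = "CN=db.example.com,O=Example Corp,C=US"
SPOOFED_DN = "CN=attacker.example.net,OU=CN=db.example.com,O=Attacker Ltd,C=US"
EXPECTED_HOST = "db.example.com"


def parse_dn(dn: str) -> list[tuple[str, str]]:
    """Split an RFC 2253-style DN into (type, value) pairs.

    Backslash escapes are honoured; multi-valued RDNs ('+') are not
    supported (an assumption made to keep the example short).
    """
    rdns, buf, escaped = [], [], False
    for ch in dn:
        if escaped:
            buf.append(ch)
            escaped = False
        elif ch == "\\":
            escaped = True
        elif ch == ",":
            rdns.append("".join(buf))
            buf = []
        else:
            buf.append(ch)
    rdns.append("".join(buf))
    pairs = []
    for rdn in rdns:
        attr_type, _, value = rdn.partition("=")  # first '=' ends the type
        pairs.append((attr_type.strip().upper(), value.strip()))
    return pairs


def naive_host_matches(dn: str, host: str) -> bool:
    """Flawed check (illustrative): searches the raw DN text for 'CN=<host>',
    so a 'CN=' that is merely the value of another attribute (OU here) matches."""
    return f"cn={host.lower()}" in dn.lower()


def strict_host_matches(dn: str, host: str) -> bool:
    """Sound check: parse the DN, read only the CN attribute, require exactly one.
    Wildcard and SAN dNSName handling are omitted for brevity."""
    cns = [v for t, v in parse_dn(dn) if t == "CN"]
    return len(cns) == 1 and cns[0].lower() == host.lower()


if __name__ == "__main__":
    for label, dn in (("legit", LEGIT_DN), ("spoofed", SPOOFED_DN)):
        print(f"{label}: naive={naive_host_matches(dn, EXPECTED_HOST)} "
              f"strict={strict_host_matches(dn, EXPECTED_HOST)}")
```

The spoofed DN passes the naive check and fails the strict one, which is the defender's takeaway: match the attribute, never the serialized string.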

Impact

Exploitation of this vulnerability could lead to unauthorized network spoofing, allowing attackers to intercept and manipulate SQL database traffic by impersonating a legitimate server.

Remediation

Users can download the security update for the affected JDBC Driver versions from the Microsoft JDBC Driver release notes. Updated releases are available for versions 10.2, 11.2, 12.2, 12.4, 12.6, 12.8, 12.10, and 13.2.

Added: Oct 14, 2025, 6:13 PM
Updated: Oct 14, 2025, 8:39 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 6.0
remediation: 0.0
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.