MySQL 7PK - Security Features Vulnerability - CVE-2016-2047

The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47 10.0.x before 10.0.23 and 10.1.x before 10.1.10 Oracle MySQL 5.5.48 and earlier 5.6.29 and earlier and 5.7.11 and earlier and Percona Server do not properly verify that the server hostname matches a domain name in the subject39s Common Name (CN) or subjectAltName field of the X.509 certificate which allows man-in-the-middle attackers to spoof SSL servers via a quot/CNquot string in a field in a certificate as demonstrated by quot/OU/CNbar.com/CNfoo.com.quot