Where the open source database community meets: Use code PERCONA75 and secure your spot for Percona Live.  Register
Downloads
Blog
Contact Us

How to Mitigate DROWN CVE-2016-0800

March 4, 2016
Author
David Busby
Share this Post:

Mitigate DROWN CVE-2016-0800This blog post will discuss how to Mitigate DROWN CVE-2016-0800.

Unless you’ve been living in a cave you’ll have heard (or likely to hear about soon) the drown attack. From the Red Hat site:

“A padding oracle flaw was found in the Secure Sockets Layer version 2.0 (SSLv2) protocol. An attacker can potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack is publicly referred to as DROWN.

Find out more about CVE-2016-0800 from the MITRE CVE dictionary dictionary and NIST NVD.”

The following graphic should help explain the vulnerability:

Mitigate DROWN CVE-2016-0800

In short, disable SSLv2 if you do not need it  (similar to the way SSLv3 was disabled due to POODLE).

So how about those services?

  • MySQL uses TLS1.0 for versions < 5.7.10

  • MySQL uses a configuration TLS version when using >= 5.7.10

  • MongoDB uses a configuration variable for the TLS for version when using >= 3.0.7

Please respond in the comments with any questions!

0 0 votes
Article Rating
Subscribe
Notify of
guest

1 Comment
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
rautamiekka
rautamiekka
10 years ago

0
Reply

Resources

RELATED POSTS

Far
Enough.

Said no pioneer ever.
Get Started
Open source database software from experts who stand with you in production. Forever free from lock-in and other corporate BS.
Connect
© 2026 Percona All Rights Reserved
Database Technology
PostgreSQL MySQL MariaDB MongoDB Valkey / Redis Databases on Kubernetes Monitoring & Management (PMM) Percona Toolkit
Services
Expert Support ExpertOps Expert Consulting Training Solution Bundles
Use Cases
Cost Optimization Performance and Reliability Sovereignty, Security, and Compliance AI and Future Readiness
Company
About Percona Partners Careers Events Press Releases News
Terms of Use
|
Privacy
|
Copyright
|
Legal
|
Security Center
MySQL, PostgreSQL, InnoDB, MariaDB, MongoDB and Kubernetes are trademarks for their respective owners.
© 2026 Percona All Rights Reserved