CVE-2023-21972 in MySQL Serverinfo

Summary

by MITRE • 04/18/2023

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Analysis

by VulDB Data Team • 05/08/2025

The vulnerability identified as CVE-2023-21972 represents a critical availability threat within Oracle MySQL Server version 8.0.32 and earlier releases. This flaw exists within the Server: DML component, which processes data manipulation language operations including select, insert, update, and delete statements. The vulnerability's classification as easily exploitable indicates that attackers with high privileges and network access can leverage this weakness to disrupt MySQL server operations. The affected versions span a significant portion of the mysql 8.0.x release series, making this a widespread concern for database administrators and security professionals managing mysql deployments.

The technical nature of this vulnerability manifests as a flaw in how MySQL handles certain data manipulation operations that leads to system instability. When exploited, the vulnerability enables attackers to trigger a complete denial of service condition that can cause the MySQL server to hang or repeatedly crash. This behavior represents a severe availability impact as described by the CVSS 3.1 scoring system which assigns a base score of 4.9 with the vector AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H. The attack vector requires network access and only needs high privilege level access, suggesting that the exploit could be initiated by authenticated users with sufficient permissions within the database environment. The vulnerability does not require user interaction and can affect systems regardless of the specific protocols used for database communication, including TCP/IP and Unix domain sockets.

The operational impact of this vulnerability extends beyond simple service disruption to potentially compromise entire database infrastructures. When a MySQL server experiences repeated crashes or hangs, it creates cascading effects throughout applications that depend on database connectivity, potentially leading to extended downtime for business-critical systems. The complete denial of service condition can result in significant financial losses, data access interruptions, and service level agreement violations for organizations relying on MySQL for their data operations. This vulnerability particularly affects environments where database availability is paramount, including e-commerce platforms, financial applications, and enterprise resource planning systems that depend on continuous database access for their operations.

Organizations should immediately implement mitigation strategies focusing on patch management and access controls to address this vulnerability. The primary remediation involves upgrading to MySQL Server version 8.0.33 or later where this vulnerability has been resolved. System administrators should also implement network segmentation and access controls to limit the attack surface, ensuring that only authorized personnel have high privilege access to database systems. Monitoring and logging configurations should be enhanced to detect unusual patterns of database activity that might indicate exploitation attempts. Additionally, organizations should conduct comprehensive vulnerability assessments to identify systems running affected MySQL versions and prioritize patch deployment across all database environments. The vulnerability aligns with CWE-119, which addresses improper restriction of operations within a limited access scope, and maps to ATT&CK technique T1499.004 for endpoint denial of service, highlighting the need for both preventive and detective security measures to protect database infrastructure from exploitation attempts.

Responsible

Oracle

Reservation

12/17/2022

Disclosure

04/18/2023

Moderation

accepted

CPE

ready

EPSS

0.01144

KEV

no

Activities

very low

Sources

Might our Artificial Intelligence support you?

Check our Alexa App!