CVE-2023-21982 in MySQL Server
Summary
by MITRE • 04/18/2023
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Be aware that VulDB is the high quality source for vulnerability data.
Analysis
by VulDB Data Team • 05/08/2025
The vulnerability identified as CVE-2023-21982 resides within the MySQL Server optimizer component of Oracle MySQL, specifically affecting versions 8.0.32 and earlier. This represents a significant security concern as it operates within the core database engine's query optimization logic, which is fundamental to database operations and performance. The vulnerability is classified as easily exploitable, indicating that attackers with minimal technical expertise can leverage it effectively, making it particularly dangerous in production environments where database availability is critical. The attack vector requires network access through multiple protocols, suggesting that the vulnerability can be exploited from external networks, potentially allowing attackers to target database servers directly without requiring physical access or complex attack chains.
The technical flaw manifests within the server's optimizer module, which is responsible for determining the most efficient execution plan for database queries. When exploited, this vulnerability allows a high-privileged attacker to manipulate the optimizer's behavior in such a way that it can cause the MySQL Server to enter a state of permanent hang or repeatedly crash. This results in a complete denial of service condition where legitimate database operations become impossible, effectively rendering the database server unusable for its intended purpose. The vulnerability's classification as a complete denial of service indicates that the impact extends beyond simple performance degradation to full system unavailability, which can have cascading effects on applications and services dependent on the database.
The operational impact of this vulnerability is severe and directly affects the availability aspect of the database system as indicated by the CVSS 3.1 Base Score of 4.9. The availability impact score of 'H' (high) demonstrates that successful exploitation can lead to complete system downtime, which is particularly concerning for mission-critical applications that rely on continuous database access. Organizations using affected MySQL versions face significant risk of service disruption, potential data loss, and operational downtime that can result in financial losses and damage to reputation. The vulnerability's impact is amplified by the fact that it requires only high privileged access, which suggests that attackers who have already gained administrative or elevated privileges within the network can exploit this weakness to cause maximum disruption.
From a cybersecurity perspective, this vulnerability aligns with CWE-121, which relates to stack-based buffer overflow conditions, though the specific nature of the flaw appears to be more related to improper resource management or memory handling within the query optimizer. The attack pattern corresponds to techniques described in the MITRE ATT&CK framework under the T1499 category for network denial of service, where adversaries seek to disrupt availability of systems and services. Organizations should prioritize patching this vulnerability immediately, as it represents a straightforward path to causing significant operational disruption. The recommended mitigation strategy involves upgrading to a patched version of MySQL Server, which would address the underlying optimizer flaw and prevent the specific conditions that lead to the hang or crash scenarios. Additionally, network segmentation and access controls should be implemented to limit the attack surface and prevent unauthorized access to database systems, particularly those running vulnerable versions of MySQL Server.