CVE-2023-22056 in MySQL Server
Summary
by MITRE • 07/19/2023
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Analysis
by VulDB Data Team • 05/08/2025
The vulnerability identified as CVE-2023-22056 resides in the optimizer component of MySQL Server in Oracle MySQL and affects versions 8.0.33 and earlier. It is an availability-focused weakness at the core of query processing: the optimizer is the part of the server that chooses the execution plan for each SQL statement, so a flaw in how it handles particular query shapes can leave the server unstable and, in the worst case, stop it from serving requests entirely.
Technically, the weakness stems from improper handling in certain optimizer routines that can trigger memory corruption or resource exhaustion while a query is being executed. An attacker who already holds high privileges and has network access to the server can exercise the flaw with specifically crafted SQL queries that cause the server to enter an unstable state when the optimizer processes them. Oracle rates the vulnerability as easily exploitable because the prerequisites are minimal: administrative access to the database and network connectivity to the server.
From an operational perspective, this vulnerability poses significant risks to database availability and system reliability, as successful exploitation can result in complete denial of service conditions. The impact extends beyond simple query failures to encompass complete server crashes that require manual intervention for recovery, potentially leading to extended downtime for applications dependent on the affected MySQL instance. Organizations running affected versions face potential business disruption, data accessibility issues, and increased operational overhead during incident response and system restoration activities.
The CVSS 3.1 base score of 4.9 (medium) combines low attack complexity with the high privileges required and an impact confined to availability (C:N/I:N/A:H): the outcome is a hang or repeatable crash of the server, not a loss of confidentiality or integrity. The weakness aligns with CWE-121 (stack-based buffer overflow) and potentially relates to CWE-476 (NULL pointer dereference), both of which can surface during query optimization. Because the attack vector requires network access and high privileges, exploitation is straightforward but presupposes an attacker who already has elevated access to the database, which makes this more of an escalation and disruption risk than an initial entry point.
Mitigation strategies should prioritize immediate patch deployment for all affected MySQL 8.0 versions, with organizations implementing comprehensive monitoring for unusual query patterns or system behavior that might indicate exploitation attempts. Network segmentation and access control measures can help reduce the attack surface by limiting who can directly connect to MySQL services. Additionally, implementing database activity monitoring and anomaly detection systems can provide early warning signs of potential exploitation attempts, while regular security assessments and vulnerability scanning should be conducted to identify and remediate similar issues across the database infrastructure. Organizations should also consider implementing redundant database systems and automated failover mechanisms to minimize the impact of potential exploitation events on overall system availability.