CVE-2023-22104 in MySQL Server
Summary
by MITRE • 10/25/2023
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Analysis
by VulDB Data Team • 05/08/2025
The vulnerability identified as CVE-2023-22104 affects the InnoDB storage engine component within Oracle MySQL Server versions 8.0.32 and earlier. This represents a significant availability threat that operates through multiple network protocols and requires only high privileged access, making it particularly dangerous in environments where administrative credentials might be compromised or where attackers have gained elevated privileges within the network. The vulnerability resides within the core database engine responsible for transaction processing and data storage management, specifically within the InnoDB subsystem that handles concurrent access and data integrity.
The technical flaw manifests as a condition that allows a malicious actor with sufficient privileges to trigger a denial of service scenario that can either cause the MySQL Server to hang indefinitely or experience repeated crashes that effectively render the database service unavailable. This behavior stems from improper handling of specific InnoDB operations that can be manipulated through crafted database queries or administrative commands. The vulnerability's exploitability is classified as easily accessible due to the requirement for only high privilege levels rather than specialized knowledge or complex attack vectors, and the network accessibility means that attacks can be launched from remote locations without physical access to the database server.
The operational impact of this vulnerability extends beyond simple service disruption as it can completely compromise database availability for critical business applications that depend on MySQL for data persistence. Organizations utilizing affected MySQL versions face potential business interruption risks, especially in environments where database availability is mission-critical for operations. The vulnerability's CVSS score of 4.9 indicates a moderate to high severity threat, with the availability impact being the primary concern as it can lead to complete system unavailability. The vector analysis shows network accessibility with low attack complexity and high privileges required, suggesting that this vulnerability is more likely to be exploited by insiders or attackers who have already compromised administrative credentials within the network environment.
Organizations should prioritize immediate patching of affected MySQL Server installations to address this vulnerability, as the remediation process typically involves upgrading to MySQL Server version 8.0.33 or later where the flaw has been resolved. Security teams should also implement network segmentation and privilege management controls to limit the potential impact of such vulnerabilities, ensuring that administrative access is restricted to only those who require it for legitimate operational purposes. The vulnerability aligns with CWE-119 which addresses improper restriction of operations within a limited scope, and can be mapped to ATT&CK techniques involving privilege escalation and denial of service attacks. Monitoring for unusual database connection patterns or administrative command sequences may help detect potential exploitation attempts, while regular security assessments should verify that privilege levels are appropriately restricted across all database access points to minimize the attack surface.