CVE-2023-21980 in MySQL Serverinfo

Zusammenfassung

von MITRE • 18.04.2023

Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 5.7.41 and prior and 8.0.32 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H).

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Zuständig

Oracle

Reservieren

17.12.2022

Veröffentlichung

18.04.2023

Moderieren

akzeptiert

Eintrag

VDB-226659

CPE

bereit

EPSS

0.00826

KEV

nein

Aktivitäten

very low

Quellen

Interested in the pricing of exploits?

See the underground prices here!