Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2023-5157
HistorySep 27, 2023 - 3:19 p.m.

CVE-2023-5157

2023-09-2715:19:41
CWE-400
[email protected]
web.nvd.nist.gov
125
mariadb
vulnerability
denial of service
cve-2023-5157
nvd
openvas
port scan

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.1

Confidence

High

EPSS

0.001

Percentile

46.5%

JSON

A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service.

Affected configurations

NVD
Node
mariadbmariadbRange<10.3.36
OR
mariadbmariadbRange10.4.010.4.26
OR
mariadbmariadbRange10.5.010.5.17
OR
mariadbmariadbRange10.6.010.6.9
OR
mariadbmariadbRange10.7.010.7.5
OR
mariadbmariadbRange10.8.010.8.4
Node
fedoraprojectfedoraMatch38
Node
redhatenterprise_linuxMatch8.0
OR
redhatenterprise_linuxMatch9.0
OR
redhatenterprise_linux_eusMatch8.6
OR
redhatenterprise_linux_eusMatch8.8
OR
redhatenterprise_linux_eusMatch9.0
OR
redhatenterprise_linux_eusMatch9.2
OR
redhatenterprise_linux_for_arm_64Match8.0_aarch64
OR
redhatenterprise_linux_for_arm_64Match9.0_aarch64
OR
redhatenterprise_linux_for_arm_64_eusMatch8.8_aarch64
OR
redhatenterprise_linux_for_ibm_z_systemsMatch8.0_s390x
OR
redhatenterprise_linux_for_ibm_z_systemsMatch9.0_s390x
OR
redhatenterprise_linux_for_ibm_z_systemsMatch9.2_s390x
OR
redhatenterprise_linux_for_ibm_z_systems_eusMatch8.6_s390x
OR
redhatenterprise_linux_for_ibm_z_systems_eusMatch8.8_s390x
OR
redhatenterprise_linux_for_ibm_z_systems_eusMatch9.2_s390x
OR
redhatenterprise_linux_for_power_little_endianMatch8.0_ppc64le
OR
redhatenterprise_linux_for_power_little_endianMatch9.0_ppc64le
OR
redhatenterprise_linux_for_power_little_endian_eusMatch8.8_ppc64le
OR
redhatenterprise_linux_for_power_little_endian_eusMatch9.2_ppc64le
OR
redhatenterprise_linux_server_ausMatch8.4
OR
redhatenterprise_linux_server_ausMatch8.6
OR
redhatenterprise_linux_server_ausMatch9.2
OR
redhatenterprise_linux_server_tusMatch8.4
OR
redhatenterprise_linux_server_tusMatch8.6
OR
redhatenterprise_linux_server_tusMatch8.8

CNA Affected

[
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "mariadb:10.5",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "8080020231003163755.63b34585",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:8::appstream"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "mariadb:10.5",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "8040020231006044227.522a0ee4",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_aus:8.4::appstream",
      "cpe:/a:redhat:rhel_e4s:8.4::appstream",
      "cpe:/a:redhat:rhel_tus:8.4::appstream"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "mariadb:10.5",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "8040020231006044227.522a0ee4",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_aus:8.4::appstream",
      "cpe:/a:redhat:rhel_e4s:8.4::appstream",
      "cpe:/a:redhat:rhel_tus:8.4::appstream"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "mariadb:10.5",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "8040020231006044227.522a0ee4",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_aus:8.4::appstream",
      "cpe:/a:redhat:rhel_e4s:8.4::appstream",
      "cpe:/a:redhat:rhel_tus:8.4::appstream"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "mariadb:10.5",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "8060020231005052631.ad008a3a",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_eus:8.6::appstream"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "galera",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:26.4.14-1.el9_2",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:9::crb",
      "cpe:/a:redhat:enterprise_linux:9::appstream"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "mariadb",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "3:10.5.22-1.el9_2",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:9::crb",
      "cpe:/a:redhat:enterprise_linux:9::appstream"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "galera",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:26.4.14-1.el9_0",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_eus:9.0::appstream",
      "cpe:/a:redhat:rhel_eus:9.0::crb"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "mariadb",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "3:10.5.22-1.el9_0",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_eus:9.0::appstream",
      "cpe:/a:redhat:rhel_eus:9.0::crb"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "rh-mariadb105-galera",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:26.4.14-1.el7",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_software_collections:3::el7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "rh-mariadb105-mariadb",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "3:10.5.22-1.el7",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_software_collections:3::el7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "mariadb",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "mariadb:10.3/galera",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "mariadb:10.3/mariadb",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  }
]

Related

nessus 20
redhatcve 1
redhat 6
cvelist 1
redos 1
prion 1
ubuntucve 1
osv 6
mariadbunix 1
openvas 2
debiancve 1
nvd 1
veracode 1
almalinux 2
oraclelinux 2
rocky 1
gentoo 1
nessus
nessus
RHEL 9 : galera and mariadb (RHSA-2023:6883)
2023-11-13 00:00:00
RHEL 8 : mariadb:10.5 (RHSA-2023:6822)
2023-11-08 00:00:00
RHEL 8 : mariadb:10.5 (RHSA-2023:6821)
2023-11-08 00:00:00
redhatcve
redhatcve
CVE-2023-5157
2023-09-25 09:51:17
redhat
redhat
(RHSA-2023:6883) Important: galera and mariadb security update
2023-11-13 08:37:55
(RHSA-2023:6821) Important: mariadb:10.5 security update
2023-11-08 15:15:50
(RHSA-2023:6822) Important: mariadb:10.5 security update
2023-11-08 15:17:00
cvelist
cvelist
CVE-2023-5157 Mariadb: node crashes with transport endpoint is not connected mysqld got signal 6
2023-09-26 13:25:24
redos
redos
ROS-20240404-18
2024-04-04 00:00:00
prion
prion
Denial of service
2023-09-27 15:19:00
ubuntucve
ubuntucve
CVE-2023-5157
2023-09-27 00:00:00
osv
osv
BIT-mysql-client-2023-5157
2024-03-06 10:57:13
BIT-mariadb-2023-5157
2024-03-06 10:55:35
CVE-2023-5157
2023-09-27 15:19:41
mariadbunix
mariadbunix
CVE-2023-5157
2023-09-27 15:19:41
openvas
openvas
MariaDB DoS Vulnerability (CVE-2023-5157) - Linux
2023-11-30 00:00:00
MariaDB DoS Vulnerability (CVE-2023-5157) - Windows
2023-11-30 00:00:00
debiancve
debiancve
CVE-2023-5157
2023-09-27 15:19:41
nvd
nvd
CVE-2023-5157
2023-09-27 15:19:41
veracode
veracode
Denial Of Service (DoS)
2023-10-08 08:11:22
almalinux
almalinux
Important: galera and mariadb security update
2023-10-12 00:00:00
Important: mariadb:10.5 security update
2023-10-12 00:00:00
oraclelinux
oraclelinux
mariadb:10.5 security update
2023-10-13 00:00:00
galera and mariadb security update
2023-10-18 00:00:00
rocky
rocky
mariadb:10.5 security update
2023-10-14 02:08:04
gentoo
gentoo
MariaDB: Multiple Vulnerabilities
2024-05-08 00:00:00

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.1

Confidence

High

EPSS

0.001

Percentile

46.5%

JSON
Related for CVE-2023-5157
nessus20redhatcve1redhat6cvelist1redos1prion1ubuntucve1osv6mariadbunix1openvas2debiancve1nvd1veracode1almalinux2oraclelinux2rocky1gentoo1