7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.5 Medium
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
54.6%
IBM Security Guardium has released an update to address these vulnerabilities.
CVEID:CVE-2023-21940
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Components Services component could allow a remote authenticated attacker to cause high availability impact.
CVSS Base score: 4.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253144 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21966
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: JSON component could allow a remote authenticated attacker to cause high availability impact.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253148 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21955
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Partition component could allow a remote authenticated attacker to cause high availability impact.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253152 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21929
**DESCRIPTION:**An unspecified vulnerability in MySQL Server product related to the Server DDL component could allow an authenticated attacker to cause low integrity impact and high availability impact
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253116 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H)
CVEID:CVE-2023-21912
**DESCRIPTION:**An unspecified vulnerability in MySQL Server product of Oracle MySQL could allow an attacker to cause high availability impact.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253170 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21920
**DESCRIPTION:**An unspecified vulnerability in MySQL Server product related to the Optimizer component could allow an authenticated attacker to cause high availability impact.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253140 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21911
**DESCRIPTION:**An unspecified vulnerability in MySQL Server product of Oracle MySQL related to InnoDB component could allow an authenticated attacker to cause high availability impact.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253171 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21962
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Components Services component could allow a remote authenticated attacker to cause high availability impact.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253145 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21945
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimize component could allow a remote authenticated attacker to cause high availability impact.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253149 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21953
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Partition component could allow a remote authenticated attacker to cause high availability impact.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253153 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21917
**DESCRIPTION:**An unspecified vulnerability in MySQL Server product of Oracle MySQL could allow an authenticated attacker to cause high availability impact.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253159 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21919
**DESCRIPTION:**An unspecified vulnerability in MySQL Server product related to DDL component could allow an authenticated attacker to cause high availability impact.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253141 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21963
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Connection Handling component could allow a remote authenticated attacker to cause availability impact.
CVSS Base score: 2.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253146 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L)
CVEID:CVE-2023-21935
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253150 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21946
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253151 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21982
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253095 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21913
**DESCRIPTION:**An unspecified vulnerability in MySQL Server product of Oracle MySQL related to the Server Optimizer component could allow an authenticated attacker to cause high availability impact.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253169 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21947
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Components Services component could allow a remote authenticated attacker to cause high availability impact.
CVSS Base score: 4.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253142 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21933
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: DDL component could allow a remote authenticated attacker to cause high availability impact.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253147 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21972
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: DML component could allow a remote authenticated attacker to cause high availability impact.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253087 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21976
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253089 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21977
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253090 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21971
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Connectors related to the Connector/J component could allow a remote authenticated attacker to cause low confidentiality impact, low integrity impact, and high availability impact.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253086 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:H)
CVEID:CVE-2023-21980
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Client programs component could allow an remote authenticated attacker to cause high confidentiality impact, high integrity impact, and high availability impact.
CVSS Base score: 7.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253093 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM Security Guardium | 10.6 |
IBM Security Guardium | 11.3 |
IBM Security Guardium | 11.4 |
IBM Security Guardium | 11.5 |
IBM encourages customers to update their systems promptly.
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm security guardium | eq | 10.6 | |
ibm security guardium | eq | 11.3 | |
ibm security guardium | eq | 11.4 | |
ibm security guardium | eq | 11.5 |
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.5 Medium
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
54.6%