6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.7 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
MULTIPLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:M/C:N/I:P/A:P
0.002 Low
EPSS
Percentile
54.7%
IBM Security Guardium has addressed these vulnerabilities by upgrading the version of Oracle® MySQL that it uses.
CVEID:CVE-2023-21881
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245042 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21875
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Security: Encryption component could allow a remote authenticated attacker to cause a denial of service resulting in unauthorized creation, deletion or modification access to critical data.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245053 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H)
CVEID:CVE-2023-21877
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the InnoDB component could allow a remote authenticated attacker to cause a denial of service resulting in low integrity and high availability impact using unknown attack vectors.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245051 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21871
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the InnoDB component could allow a remote authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245062 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21867
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245066 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21863
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245070 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21860
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Cluster: Internal Operations component could allow a remote authenticated attacker from within the local network using user interaction to compromise MySQL Cluster.
CVSS Base score: 6.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245078 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H)
CVEID:CVE-2023-21880
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the InnoDB component could allow a remote authenticated attacker to cause a denial of service resulting in low integrity and high availability impact using unknown attack vectors.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245043 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H)
CVEID:CVE-2023-21874
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Thread Pooling component could allow a remote authenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.
CVSS Base score: 2.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245054 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L)
CVEID:CVE-2023-21870
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245063 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21866
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245067 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21865
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245068 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21883
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245040 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21840
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: PS component could allow a remote authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245079 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21879
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245044 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21873
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245055 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21869
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the InnoDB component could allow a remote authenticated attacker to cause a denial of service resulting in a low integrity and a high availability impact using unknown attack vectors.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245064 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H)
CVEID:CVE-2023-21868
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245065 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21864
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245069 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21882
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to compromise MySQL Server, resulting in a low integrity impact using unknown attack vectors.
CVSS Base score: 2.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245041 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N)
CVEID:CVE-2023-21876
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245052 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21836
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: DML component could allow a remote authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245080 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21878
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245049 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-21872
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause a denial of service resulting in a low integrity and a high availability impact using unknown attack vectors.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245061 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM Security Guardium | 10.5 |
IBM Security Guardium | 10.6 |
IBM Security Guardium | 11.3 |
IBM Security Guardium | 11.4 |
IBM Security Guardium | 11.5 |
IBM encourages customers to update their systems promptly.
Product | Versions | ** Fix** |
---|---|---|
IBM Security Guardium | 10.5 |
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm security guardium | eq | 10.5 | |
ibm security guardium | eq | 10.6 | |
ibm security guardium | eq | 11.3 | |
ibm security guardium | eq | 11.5 |
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.7 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
MULTIPLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:M/C:N/I:P/A:P
0.002 Low
EPSS
Percentile
54.7%