Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).

🗓️ 20 Oct 2023 07:00:00Reported by MicrosoftType

mscve

mscve🔗 msrc.microsoft.com👁 1 Views

MySQL Server vulnerability 8.0.33 and earlier allows attacker with network access to read data.

Reporter	Title	Published	Views	Family All 211
FreeBSD	MySQL -- Multiple vulnerabilities	17 Oct 202300:00	–	freebsd
Tenable Nessus	Alibaba Cloud Linux 3 : 0032: mysql:8.0 (ALINUX3-SA-2024:0032)	14 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : mysql:8.0 (ALSA-2024:0894)	22 Feb 202400:00	–	nessus
Tenable Nessus	AlmaLinux 9 : mysql (ALSA-2024:1141)	7 Mar 202400:00	–	nessus
Tenable Nessus	FreeBSD : MySQL -- Multiple vulnerabilities (22df5074-71cd-11ee-85eb-84a93843eb75)	23 Oct 202300:00	–	nessus
Tenable Nessus	MiracleLinux 8 : mysql:8.0 (AXSA:2024-7561:01)	20 Jan 202600:00	–	nessus
Tenable Nessus	MiracleLinux 9 : mysql-8.0.36-1.el9_3.ML.1 (AXSA:2024-7606:01)	20 Jan 202600:00	–	nessus
Tenable Nessus	Oracle MySQL Server 8.0.x < 8.0.34 (October 2023 CPU)	19 Jul 202300:00	–	nessus
Tenable Nessus	Oracle Linux 8 : mysql:8.0 (ELSA-2024-0894)	22 Feb 202400:00	–	nessus
Tenable Nessus	Oracle Linux 9 : mysql (ELSA-2024-1141)	7 Mar 202400:00	–	nessus

Vulners

Node

microsoft cbl2_mysql_8.0.34-1Range<8.0.34-1

20 Oct 2023 07:00Current

7High risk

Vulners AI Score7

CVSS 3.12.7

EPSS0.00809

SSVC

oracle mysql mysql server vulnerability network access read data version 8.0.33 high privileged attack surface