The versions of MySQL Server installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2024 CPU advisory.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Packaging (OpenSSL)).
Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. (CVE-2023-6129)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. (CVE-2024-21015)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2024-20998)
Note that Nessus has not tested for these issues but has instead relied only on the applicationโs self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(193568);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/22");
script_cve_id(
"CVE-2023-6129",
"CVE-2024-20994",
"CVE-2024-20998",
"CVE-2024-21000",
"CVE-2024-21008",
"CVE-2024-21009",
"CVE-2024-21013",
"CVE-2024-21047",
"CVE-2024-21054",
"CVE-2024-21060",
"CVE-2024-21062",
"CVE-2024-21069",
"CVE-2024-21087",
"CVE-2024-21096",
"CVE-2024-21102"
);
script_name(english:"Oracle MySQL Server 8.0.x < 8.0.37 (April 2024 CPU)");
script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by multiple vulnerabilities");
script_set_attribute(attribute:"description", value:
"The versions of MySQL Server installed on the remote host are affected by multiple vulnerabilities as referenced in the
April 2024 CPU advisory.
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Packaging (OpenSSL)).
Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability
allows unauthenticated attacker with network access via TLS to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible
data. (CVE-2023-6129)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that
are affected are 8.0.34 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS)
of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible
data. (CVE-2024-21015)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions
that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of
this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2024-20998)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpuapr2024.html");
script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/docs/tech/security-alerts/cpuapr2024csaf.json");
script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the April 2024 Oracle Critical Patch Update advisory.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-6129");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/04/16");
script_set_attribute(attribute:"patch_publication_date", value:"2024/04/16");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/04/19");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:mysql");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Databases");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("mysql_version.nasl", "mysql_login.nasl");
script_require_ports("Services/mysql", 3306);
exit(0);
}
include('mysql_version.inc');
mysql_check_version(fixed:'8.0.37', min:'8.0', severity:SECURITY_WARNING);
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6129
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20994
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20998
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21000
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21008
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21009
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21013
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21047
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21054
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21060
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21062
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21069
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21087
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21096
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21102
www.oracle.com/docs/tech/security-alerts/cpuapr2024csaf.json
www.oracle.com/security-alerts/cpuapr2024.html