Design/Logic Flaw

2023-04-1820:15:00

PRIOn knowledge base

www.prio-n.com

mysql

connector/j

vulnerability

oracle

compromise

dos

network access

unauthorized access

crash

4.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.7%

JSON

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.32 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors as well as unauthorized update, insert or delete access to some of MySQL Connectors accessible data and unauthorized read access to a subset of MySQL Connectors accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:H).

CPENameOperatorVersion
communications_cloud_native_core_binding_support_functioneq22.4.0
communications_cloud_native_core_binding_support_functioneq23.1.0
communications_cloud_native_core_policyeq22.4.0
communications_cloud_native_core_policyeq23.1.0
mysql_connectorsge8.0.0
mysql_connectorsle8.0.32

Name	Operator	Version
communications_cloud_native_core_binding_support_function	eq	22.4.0
communications_cloud_native_core_binding_support_function	eq	23.1.0
communications_cloud_native_core_policy	eq	22.4.0
communications_cloud_native_core_policy	eq	23.1.0
mysql_connectors	ge	8.0.0
mysql_connectors	le	8.0.32