Lucene search

K
ubuntucveUbuntu.comUB:CVE-2023-22058
HistoryJul 18, 2023 - 12:00 a.m.

CVE-2023-22058

2023-07-1800:00:00
ubuntu.com
ubuntu.com
11
vulnerability
mysql server
oracle
high privileged attacker
dos
network access
cve-2023-22058
oracle mysql
server ddl
cvss 3.1
availability impacts

CVSS3

4.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

50.8%

Vulnerability in the MySQL Server product of Oracle MySQL (component:
Server: DDL). Supported versions that are affected are 8.0.33 and prior.
Difficult to exploit vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability
to cause a hang or frequently repeatable crash (complete DOS) of MySQL
Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).

Notes

Author Note
leosilva since 5.5 is no longer upstream supported and so far we cannot patch it, marking it as ignored.

CVSS3

4.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

50.8%