Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2023-21971

Date: April 18, 2023

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.32 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors as well as unauthorized update, insert or delete access to some of MySQL Connectors accessible data and unauthorized read access to a subset of MySQL Connectors accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:H).

Severity Score

Related Resources (7)

https://www.oracle.com/security-alerts/cpuapr2023.html
https://security.netapp.com/advisory/ntap-20230427-0007/
https://access.redhat.com/security/cve/CVE-2023-21971
https://nvd.nist.gov/vuln/detail/CVE-2023-21971
https://www.oracle.com/security-alerts/cpujul2023.html
https://security.netapp.com/advisory/ntap-20230427-0010/
https://www.mend.io/vulnerability-database/CVE-2023-21971

Severity Score

Weakness Type (CWE)

Insufficient Information

NVD-CWE-noinfo

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): HIGH
Privileges Required (PR): HIGH
User Interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality (C): LOW
Integrity (I): LOW
Availability (A): HIGH

Do you need more information?

Contact Us