Home > Vulnerability Database > CVE-2023-21980

Mend.io Vulnerability Database

CVE-2023-21980

Date: April 18, 2023

Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 5.7.41 and prior and 8.0.32 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H).

Severity Score

4.9

Related Resources (5)

Url: https://www.oracle.com/security-alerts/cpuapr2023.html

Url: https://security.netapp.com/advisory/ntap-20230427-0007/

Url: https://access.redhat.com/security/cve/CVE-2023-21980

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-21980

Url: https://www.mend.io/vulnerability-database/CVE-2023-21980

Severity Score

4.9

Weakness Type (CWE)

Insufficient Information

NVD-CWE-noinfo

CVSS v3.1

Base Score:	4.9
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	HIGH
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2023-21980

Date: April 18, 2023

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?