Home > Vulnerability Database > CVE-2023-21980

Mend.io Vulnerability Database

CVE-2023-21980

Date: April 18, 2023

Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 5.7.41 and prior and 8.0.32 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H).

Severity Score

7.1

Related Resources (5)

Url: https://www.oracle.com/security-alerts/cpuapr2023.html

Url: https://security.netapp.com/advisory/ntap-20230427-0007/

Url: https://access.redhat.com/security/cve/CVE-2023-21980

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-21980

Url: https://www.mend.io/vulnerability-database/CVE-2023-21980

Severity Score

7.1

Weakness Type (CWE)

Improper Access Control

CWE-284

Insufficient Information

NVD-CWE-noinfo

CVSS v3.1

Base Score:	7.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	LOW
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2023-21980

Date: April 18, 2023

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?