Home > Vulnerability Database > CVE-2023-22102

Mend.io Vulnerability Database

CVE-2023-22102

Good to know:

Date: October 17, 2023

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.1.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).

Language: Java

Severity Score

4.9

Related Resources (4)

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-22102

Url: https://www.oracle.com/security-alerts/cpuoct2023.html

Url: https://security.netapp.com/advisory/ntap-20231027-0007/

Url: https://www.mend.io/vulnerability-database/CVE-2023-22102

Severity Score

4.9

Weakness Type (CWE)

Insufficient Information

NVD-CWE-noinfo

Top Fix

Upgrade Version

Upgrade to version com.mysql:mysql-connector-j:8.2.0

Learn More

CVSS v3.1

Base Score:	4.9
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	HIGH
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2023-22102

Good to know:

Date: October 17, 2023

Language: Java

Severity Score

Related Resources (4)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?