← Back to CVEs

CVE-2023-22113

LOW

2.7

Description

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).

CVE Details

CVSS v3.1 Score2.7

SeverityLOW

CVSS VectorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Attack VectorNETWORK

ComplexityLOW

Privileges RequiredHIGH

User InteractionNONE

Published10/17/2023

Last Modified6/12/2025

Sourcenvd

Honeypot Sightings0

Affected Products

netapp:oncommand_insightoracle:mysql

Weaknesses (CWE)

CWE-125

References

https://security.netapp.com/advisory/ntap-20231027-0009/(secalert_us@oracle.com)

https://www.oracle.com/security-alerts/cpuoct2023.html(secalert_us@oracle.com)

https://security.netapp.com/advisory/ntap-20231027-0009/(af854a3a-2127-422b-91ae-364da2661108)

https://www.oracle.com/security-alerts/cpuoct2023.html(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.