CVE-2023-22015
CVSS 3.1 Score 4.9 of 10 (medium)
Details
Summary
CVE-2023-22015 is a vulnerability affecting the Optimizer component of Oracle MySQL Servers (versions 5.7.42 and prior, and 8.0.31 and prior). This easily exploitable issue enables high privileged attackers with network access to cause a hang or frequently repeatable crash of the MySQL Server via multiple protocols. The consequences of successful exploitation include a denial of service (DoS) attack. The base score of this vulnerability, according to the Common Vulnerability Scoring System (CVSS), is 4.9, with a high privilege requirement (PR:H) and an availability impact (AV:N).
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- MySQL
Affected Vendors
- BonqDAO
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions