Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.1
CVSSv3

CVE-2023-22048

Published: 18/07/2023 Updated: 30/10/2023
CVSS v3 Base Score: 3.1 | Impact Score: 1.4 | Exploitability Score: 1.6
VMScore: 0
Subscribe to Mysql Server

Vulnerability Summary

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are 8.0.33 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N).

Vulnerable Product Search on Vulmon Subscribe to Product

oracle mysql server

fedoraproject fedora 37

fedoraproject fedora 38

fedoraproject fedora 39

netapp snapcenter -

netapp oncommand workflow automation -

netapp oncommand insight -

netapp active iq unified manager -

Vendor Advisories

Debian CVElist Bug Report Logs: mysql-8.0: CVE-2023-22058 CVE-2023-22057 CVE-2023-22056 CVE-2023-22054 CVE-2023-22053 CVE-2023-22048 CVE-2023-22046 CVE-2023-22038 CVE-2023-22033 CVE-2023-22008 CVE-2023-22007 CVE-2023-22005 CVE-2023-21950
Debian Bug report logs - #1041819 mysql-80: CVE-2023-22058 CVE-2023-22057 CVE-2023-22056 CVE-2023-22054 CVE-2023-22053 CVE-2023-22048 CVE-2023-22046 CVE-2023-22038 CVE-2023-22033 CVE-2023-22008 CVE-2023-22007 CVE-2023-22005 CVE-2023-21950 Package: src:mysql-80; Maintainer for src:mysql-80 is Debian MySQL Maintainers <pkg-mysql-maint ...
Red Hat:
DescriptionThe MITRE CVE dictionary describes this issue as: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth) Supported versions that are affected are 8033 and prior Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server ...

References

NVD-CWE-noinfohttps://www.oracle.com/security-alerts/cpujul2023.htmlhttps://security.netapp.com/advisory/ntap-20230725-0005/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C63HAGVLQA6FJNDCHR7CNZZL6VSLILB2/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEHRBBYYTPA4DETOM5XAKGCP37NUTLOA/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QYLDK6ODVC4LJSDULLX6Q2YHTFOWABCN/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041819https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2023-22048
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionfirmwareCVE-2006-4304CVE-2024-32878CVE-2024-31502XSSCVE-2024-3059CVE-2024-33692CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook