CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0CVE-2023-22103 – mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2023)
https://notcve.org/view.php?id=CVE-2023-22103
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20231027-0009 https://www.oracle.com/security-alerts/cpuoct2023.html https://access.redhat.com/security/cve/CVE-2023-22103 https://bugzilla.redhat.com/show_bug.cgi?id=2245027 •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-22102
https://notcve.org/view.php?id=CVE-2023-22102
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.1.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of MySQL Connectors. • https://security.netapp.com/advisory/ntap-20231027-0007 https://www.oracle.com/security-alerts/cpuoct2023.html •
CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0CVE-2023-22097 – mysql: InnoDB unspecified vulnerability (CPU Oct 2023)
https://notcve.org/view.php?id=CVE-2023-22097
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20231027-0009 https://www.oracle.com/security-alerts/cpuoct2023.html https://access.redhat.com/security/cve/CVE-2023-22097 https://bugzilla.redhat.com/show_bug.cgi?id=2245026 •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-22095
https://notcve.org/view.php?id=CVE-2023-22095
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). The supported version that is affected is 8.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). • https://security.netapp.com/advisory/ntap-20231027-0009 https://www.oracle.com/security-alerts/cpuoct2023.html •
CVSS: 7.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22094
https://notcve.org/view.php?id=CVE-2023-22094
Vulnerability in the MySQL Installer product of Oracle MySQL (component: Installer: General). Supported versions that are affected are Prior to 1.6.8. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Installer executes to compromise MySQL Installer. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Installer, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Installer accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Installer. • https://www.oracle.com/security-alerts/cpuoct2023.html •