Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-0045 โ€” Oracle Mysql vulnerability

3 documents3 sources
Severity
6.4MEDIUMNVD
EPSS
2.1%
top 15.95%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Oracle Mysql
Timeline
PublishedJan 11
Latest updateApr 30

Description

MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages1 packages

โ–ถNVDoracle/mysql3.22.27, 3.22.29, 3.23.8+2

๐Ÿ”ดVulnerability Details

1
GHSA
GHSA-2j9w-mc69-3577: MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilegeโ†—2022-04-30
โ–ถ

๐Ÿ’ฅExploits & PoCs

1
Exploit-DB
MySQL 3.22.27/3.22.29/3.23.8 - GRANT Global Password Changingโ†—2000-02-15
โ–ถ