CVE-2023-21971

CWE-4108 documents6 sources
Severity
5.3MEDIUM
EPSS
0.1%
top 65.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Oracle Mysql ConnectorsOracle Corporation Mysql ConnectorsOracle Communications Cloud Native Core Binding Support Function+1 more
Timeline
PublishedApr 18
Latest updateMay 7

Description

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.32 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (com

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:HExploitability: 0.5 | Impact: 4.7

Affected Packages4 packages

NVDoracle/mysql_connectors8.0.08.0.32
CVEListV5oracle_corporation/mysql_connectors8.0.32 and prior

Patches

Patch: www.oracle.comPatch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

4
OSV
linux-azure vulnerabilities2025-05-07
GHSA
GHSA-8273-q4gg-6jm9: Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J)2023-04-18
CVEList
CVE-2023-21971: Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J)2023-04-18
OSV
CVE-2023-21971: Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J)2023-04-18

📋Vendor Advisories

3
Oracle
Oracle Oracle Communications Risk Matrix: Policy (MySQL Connectors) — CVE-2023-219712023-07-15
Red Hat
mysql-connector-java: Connector/J unspecified vulnerability (CPU April 2023)2023-04-19
Oracle
Oracle Oracle MySQL Risk Matrix: Connector/J — CVE-2023-219712023-04-15