Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are 8.0.33 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N).
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
30 Oct 2023, 19:52
Type | Values Removed | Values Added |
---|---|---|
First Time |
Oracle mysql Server
Netapp active Iq Unified Manager Fedoraproject fedora Fedoraproject Netapp oncommand Insight Netapp Netapp oncommand Workflow Automation Netapp snapcenter |
|
CPE | cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:* cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:* cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:* cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:* |
|
References | (MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C63HAGVLQA6FJNDCHR7CNZZL6VSLILB2/ - Mailing List | |
References | (MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QYLDK6ODVC4LJSDULLX6Q2YHTFOWABCN/ - Mailing List | |
References | (MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEHRBBYYTPA4DETOM5XAKGCP37NUTLOA/ - Mailing List |
16 Sep 2023, 04:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
25 Jul 2023, 19:26
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
First Time |
Oracle
Oracle mysql |
|
CPE | cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* | |
References | (MISC) https://www.oracle.com/security-alerts/cpujul2023.html - Vendor Advisory | |
References | (MISC) https://security.netapp.com/advisory/ntap-20230725-0005/ - Third Party Advisory |
25 Jul 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
18 Jul 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-18 21:15
Updated : 2023-12-10 15:14
NVD link : CVE-2023-22048
Mitre link : CVE-2023-22048
CVE.ORG link : CVE-2023-22048
JSON object : View
Products Affected
oracle
- mysql_server
fedoraproject
- fedora
netapp
- snapcenter
- active_iq_unified_manager
- oncommand_insight
- oncommand_workflow_automation
CWE