VDB
CVE-2023-21867
CVE-2023-21867
PUBLISHED
CVSS 9.300000190734863 CRITICAL
MySQL ist ein Open Source Datenbankserver von Oracle.
EPSS 0.38% · 60.0th percentile
Risk Scores
CVSS 4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.38%
60.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle | Oracle MySQL <=5.7.40 | |
| Oracle | Oracle MySQL <=7.6.24 | |
| Gentoo | Gentoo Linux | |
| Red Hat | Red Hat Enterprise Linux | |
| Oracle | Oracle MySQL <=7.5.28 | |
| Ubuntu | Ubuntu Linux | |
| Oracle | Oracle MySQL <=7.4.38 | |
| IBM | IBM Security Guardium 10.6 | |
| Amazon | Amazon Linux 2 | |
| NetApp | NetApp ActiveIQ Unified Manager | |
| IBM | IBM Security Guardium 10.5 | |
| Oracle | Oracle MySQL <=8.0.30 | |
| Oracle | Oracle MySQL <=8.0.32 | |
| Oracle | Oracle MySQL <=8.0.29 | |
| Oracle | Oracle MySQL <=8.0.31 | |
| IBM | IBM Security Guardium 11.5 | |
| Oracle | Oracle MySQL <=8.0.28 | |
| Dell | Dell Data Protection Advisor <19.12 | |
| Oracle | Oracle Linux |
Exploit Intelligence
- Scan for python installations on macOS, and run CVE-2015-20107.py script to report if patching is needed (github-poc)
- Scan for python installations on macOS, and run CVE-2015-20107.py script to report if patching is needed (github-poc)
- Scan for python installations on macOS, and run CVE-2015-20107.py script to report if patching is needed (github-poc)
- Scan for python installations on macOS, and run CVE-2015-20107.py script to report if patching is needed (github-poc)
- Scan for python installations on macOS, and run CVE-2015-20107.py script to report if patching is needed (github-poc)
- Scan for python installations on macOS, and run CVE-2015-20107.py script to report if patching is needed (github-poc)
- Scan for python installations on macOS, and run CVE-2015-20107.py script to report if patching is needed (github-poc)
- Scan for python installations on macOS, and run CVE-2015-20107.py script to report if patching is needed (github-poc)
- CVE-2022-2588.yara (github-yara)
- CVE-2022-2588.yara (github-yara)
…and 14 more exploits
Timeline
- Jan 17, 2023 CVE Published
- Jan 18, 2023 EPSS Score
- Feb 28, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 9, 2023 EPSS Score
- May 20, 2023 EPSS Score
- Jun 29, 2023 EPSS Score
- Aug 9, 2023 EPSS Score
- Sep 19, 2023 EPSS Score
- Oct 29, 2023 EPSS Score
- Dec 9, 2023 EPSS Score
- Jan 19, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0126.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0126 advisory
- https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL advisory
- https://ubuntu.com/security/notices/USN-5823-2 advisory
- https://ubuntu.com/security/notices/USN-5823-1 advisory
- https://ubuntu.com/security/notices/USN-5823-3 advisory
- https://security.netapp.com/advisory/ntap-20230208-0002/ advisory
- https://alas.aws.amazon.com/ALAS-2023-1686.html advisory
- https://alas.aws.amazon.com/AL2/ALAS-2023-1973.html advisory
- https://access.redhat.com/errata/RHSA-2023:2621 advisory
- https://access.redhat.com/errata/RHSA-2023:3087 advisory
- https://oss.oracle.com/pipermail/el-errata/2023-May/013976.html advisory
- https://linux.oracle.com/errata/ELSA-2023-3087.html advisory
- https://www.ibm.com/support/pages/node/6981105 advisory
- https://security.gentoo.org/glsa/202408-31 advisory
- https://access.redhat.com/errata/RHSA-2025:7138 advisory
- https://www.dell.com/support/kbdoc/en-us/000281732/dsa-2025-075-security-update-for-dell-data-protection-advisor-for-multiple-component-vulnerabilities advisory