Description

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.1.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).

Remediation

References

CVE-2023-22102

Related Vulnerabilities

Chamilo Improper Privilege Management Vulnerability (CVE-2020-23128)

WordPress Plugin Events Widgets For Elementor And The Events Calendar Security Bypass (1.4.3)

WordPress Plugin SEO Redirection-301 Redirect Manager Cross-Site Scripting (7.3)

WordPress Plugin NextScripts:Social Networks Auto-Poster Cross-Site Scripting (4.2.7)

WordPress Plugin Web Tripwire Arbitrary File Upload (0.1.1)

Severity

High

Classification

CVE-2023-22102 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities