Rewterz Threat Advisory – Multiple Oracle MySQL Server Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2023-22114 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the InnoDB component could allow a remote authenticated attacker to cause high availability impact.

CVE-2023-22113 CVSS:2.7

An unspecified vulnerability in Oracle MySQL Server related to the Server: Security: Encryption component could allow a remote authenticated attacker to cause low confidentiality impact.

CVE-2023-22112 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2023-22111 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: UDF component could allow a remote authenticated attacker to cause high availability impact.

CVE-2023-22110 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2023-22104 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the InnoDB component could allow a remote authenticated attacker to cause high availability impact.

CVE-2023-22103 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2023-22097 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the InnoDB component could allow a remote authenticated attacker to cause high availability impact.

CVE-2023-22095 CVSS:6.5

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2023-22092 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2023-22084 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the InnoDB component could allow a remote authenticated attacker to cause high availability impact.

CVE-2023-22079 CVSS:6.5

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2023-22078 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2023-22070 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2023-22068 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the InnoDB component could allow a remote authenticated attacker to cause high availability impact.

CVE-2023-22066 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the InnoDB component could allow a remote authenticated attacker to cause high availability impact.

CVE-2023-22065 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2023-22064 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2023-22059 CVSS:6.5

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2023-22032 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2023-22028 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2023-22026 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2023-22015 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

Impact

  • Denial of Service
  • Information Theft

Indicators Of Compromise

CVE

  • CVE-2023-22114
  • CVE-2023-22113
  • CVE-2023-22112
  • CVE-2023-22111
  • CVE-2023-22110
  • CVE-2023-22104
  • CVE-2023-22103
  • CVE-2023-22097
  • CVE-2023-22095
  • CVE-2023-22092
  • CVE-2023-22084
  • CVE-2023-22079
  • CVE-2023-22078
  • CVE-2023-22070
  • CVE-2023-22068
  • CVE-2023-22066
  • CVE-2023-22065
  • CVE-2023-22064
  • CVE-2023-22059
  • CVE-2023-22032
  • CVE-2023-22028
  • CVE-2023-22026
  • CVE-2023-22015

Affected Vendors

Oracle

Affected Products

  • Oracle MySQL Server 8.0.34
  • Oracle MySQL Server 8.0.31
  • Oracle MySQL Server 8.0.32
  • Oracle MySQL Server 8.0.33
  • Oracle MySQL Server 8.1.0
  • Oracle MySQL Server 5.7.42
  • Oracle MySQL Server 5.7.43

Remediation

Refer to the Oracle Critical Patch Update Advisory for patch, upgrade, or suggested workaround information.

Oracle Critical Patch Update Advisory