What is the severity of CVE-2023-22038?

The severity of CVE-2023-22038 is rated as low.

How does CVE-2023-22038 affect Oracle MySQL?

CVE-2023-22038 affects Oracle MySQL versions 8.0.33 and prior.

What is the exploitability of CVE-2023-22038?

CVE-2023-22038 is easily exploitable by a high privileged attacker with network access via multiple protocols.

What are the affected versions of Oracle MySQL for CVE-2023-22038?

Oracle MySQL versions 8.0.33 and prior are affected by CVE-2023-22038.

How can I mitigate CVE-2023-22038?

To mitigate CVE-2023-22038, update Oracle MySQL to version 8.0.34 or later.

Vulnerability/
CVE-2023-22038

low

2.7

CWE

18/7/2023

5/3/2024

CVE-2023-22038

First published: Tue Jul 18 2023(Updated: )

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N).

Credit: secalert_us@oracle.com secalert_us@oracle.com secalert_us@oracle.com

Affected Software	Affected Version	How to fix
Oracle MySQL	>=8.0.0<=8.0.33
ubuntu/mysql-8.0	<8.0.34	8.0.34
ubuntu/mysql-8.0	<8.0.34-0ubuntu0.20.04.1	8.0.34-0ubuntu0.20.04.1
ubuntu/mysql-8.0	<8.0.34-0ubuntu0.22.04.1	8.0.34-0ubuntu0.22.04.1
ubuntu/mysql-8.0	<8.0.34-0ubuntu0.23.04.1	8.0.34-0ubuntu0.23.04.1
ubuntu/mysql-8.0	<8.0.34-0ubuntu2	8.0.34-0ubuntu2
debian/mysql-8.0		8.0.36-2
redhat/mysql	<8.0.34	8.0.34
Oracle Mysql Server	>=8.0.0<=8.0.33
Fedoraproject Fedora	=37
Fedoraproject Fedora	=38
Fedoraproject Fedora	=39
Netapp Active Iq Unified Manager Vmware Vsphere
Netapp Active Iq Unified Manager Windows
NetApp OnCommand Insight
NetApp OnCommand Workflow Automation
Netapp Snapcenter

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

USN-6288-1

Frequently Asked Questions

What is the severity of CVE-2023-22038?
The severity of CVE-2023-22038 is rated as low.
How does CVE-2023-22038 affect Oracle MySQL?
CVE-2023-22038 affects Oracle MySQL versions 8.0.33 and prior.
What is the exploitability of CVE-2023-22038?
CVE-2023-22038 is easily exploitable by a high privileged attacker with network access via multiple protocols.
What are the affected versions of Oracle MySQL for CVE-2023-22038?
Oracle MySQL versions 8.0.33 and prior are affected by CVE-2023-22038.
How can I mitigate CVE-2023-22038?
To mitigate CVE-2023-22038, update Oracle MySQL to version 8.0.34 or later.

collector/nvd-latest
vendor/oracle
product/mysql
canonical/oracle mysql
collector/nvd-index
agent/first-publish-date
collector/launchpad-cve
source/Launchpad
agent/type
collector/usn-cve
source/Ubuntu
agent/software-canonical-lookup
agent/weakness
agent/author
agent/event
collector/security-tracker-debian
source/Debian
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2023-22038
agent/last-modified-date
agent/severity
agent/references
agent/softwarecombine
agent/description
agent/tags
collector/nvd-cve
source/NVD
agent/software-canonical-lookup-request
collector/nvd-api
version/oracle mysql/8.0.0
version/oracle mysql/8.0.33
package-manager/ubuntu
package-manager/debian
package-manager/redhat
canonical/oracle mysql server
version/oracle mysql server/8.0.0
version/oracle mysql server/8.0.33
vendor/fedoraproject
canonical/fedoraproject fedora
version/fedoraproject fedora/37
version/fedoraproject fedora/38
version/fedoraproject fedora/39
vendor/netapp
canonical/netapp active iq unified manager vmware vsphere
canonical/netapp active iq unified manager windows
canonical/netapp oncommand insight
canonical/netapp oncommand workflow automation
canonical/netapp snapcenter