CVE-2023-22102
First published: Tue Oct 17 2023(Updated: )
An unspecified vulnerability in Oracle MySQL Connectors related to the Connector/J component could allow a remote attacker to cause high confidentiality, integrity and availability impacts.
Credit: secalert_us@oracle.com secalert_us@oracle.com secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| maven/mysql:mysql-connector-java | <=8.0.33 | |
| maven/com.mysql:mysql-connector-j | <8.2.0 | 8.2.0 |
| Oracle Mysql Connector\/j | <=8.1.0 | |
| NetApp OnCommand Insight | ||
| Oracle MySQL connector\/j | <=8.1.0 | |
| MySQL | <=8.1.0 | |
| IBM Data Virtualization on Cloud Pak for Data | <=3.0 | |
| IBM Watson Query on Cloud Pak for Data | <=2.2 | |
| IBM Watson Query on Cloud Pak for Data | <=2.1 | |
| IBM Watson Query on Cloud Pak for Data | <=2.0 | |
| IBM Data Virtualization on Cloud Pak for Data | <=1.8 | |
| IBM Data Virtualization on Cloud Pak for Data | <=1.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.oracle.com/security-alerts/cpuoct2023.html
- https://security.netapp.com/advisory/ntap-20231027-0007/
- https://nvd.nist.gov/vuln/detail/CVE-2023-22102
- https://security.netapp.com/advisory/ntap-20231027-0007
- https://github.com/mysql/mysql-connector-j/compare/8.1.0...8.2.0
- https://github.com/advisories/GHSA-m6vm-37g8-gqvh (Advisory)
- https://www.oracle.com/security-alerts/cpuoct2023.html#AppendixMSQL
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2256475
- https://access.redhat.com/errata/RHSA-2024:0722
- https://bugzilla.redhat.com/show_bug.cgi?id=2256474
- https://www.ibm.com/support/pages/node/7183851 (Advisory)
Frequently Asked Questions
What is the vulnerability ID for this MySQL Connectors vulnerability?
The vulnerability ID for this MySQL Connectors vulnerability is CVE-2023-22102.
What is the affected software for this MySQL Connectors vulnerability?
The affected software for this MySQL Connectors vulnerability is Oracle MySQL version up to and including 8.1.0.
What is the severity rating of the MySQL Connectors vulnerability?
The severity rating of the MySQL Connectors vulnerability is high, with a severity value of 8.3.
How can an attacker exploit this MySQL Connectors vulnerability?
An unauthenticated attacker with network access via multiple protocols could compromise MySQL Connectors by exploiting this vulnerability.
How do I fix the MySQL Connectors vulnerability?
To fix the MySQL Connectors vulnerability, it is recommended to update to a version higher than 8.1.0 as provided by Oracle.
- agent/type
- agent/first-publish-date
- agent/author
- agent/remedy
- agent/severity
- collector/mitre-cve
- source/MITRE
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-m6vm-37g8-gqvh
- alias/CVE-2023-22102
- agent/software-canonical-lookup
- collector/nvd-cve
- source/NVD
- collector/github-advisory
- agent/trending
- collector/redhat-bugzilla
- source/Red Hat
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/last-modified-date
- agent/references
- agent/source
- agent/tags
- agent/softwarecombine
- agent/description
- collector/ibm-support
- source/IBM
- agent/event
- package-manager/maven
- vendor/oracle
- canonical/oracle mysql connector\/j
- version/oracle mysql connector\/j/8.1.0
- vendor/netapp
- canonical/netapp oncommand insight
- canonical/mysql
- version/mysql/8.1.0
- vendor/ibm
- canonical/ibm data virtualization on cloud pak for data
- version/ibm data virtualization on cloud pak for data/3.0
- canonical/ibm watson query on cloud pak for data
- version/ibm watson query on cloud pak for data/2.2
- version/ibm watson query on cloud pak for data/2.1
- version/ibm watson query on cloud pak for data/2.0
- version/ibm data virtualization on cloud pak for data/1.8
- version/ibm data virtualization on cloud pak for data/1.7