K000139405 : MySQL vulnerability CVE-2023-21950

2024-04-2500:00:00

my.f5.com

mysql server

oracle

vulnerability

network access

compromise

denial of service

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.3%

JSON

Security Advisory Description

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2023-21950)

Impact

There is no impact; F5 products are not affected by this vulnerability.

CPENameOperatorVersion
big-ip next central managereq20.0.1
big-ip next central managereq20.0.2
big-ip next central managereq20.1.0
big-ip next central managereq20.1.1
big-ip next central managereq20.2.0
big-ip next cgnat cnfeq1.1.0
big-ip next cgnat cnfeq1.1.1
big-ip next cgnat cnfeq1.2.0
big-ip next cgnat cnfeq1.2.1
big-ip next cgnat cnfeq1.3.0

Name	Operator	Version
big-ip next central manager	eq	20.0.1
big-ip next central manager	eq	20.0.2
big-ip next central manager	eq	20.1.0
big-ip next central manager	eq	20.1.1
big-ip next central manager	eq	20.2.0
big-ip next cgnat cnf	eq	1.1.0
big-ip next cgnat cnf	eq	1.1.1
big-ip next cgnat cnf	eq	1.2.0
big-ip next cgnat cnf	eq	1.2.1
big-ip next cgnat cnf	eq	1.3.0