Lucene search

[email protected]NVD:CVE-2023-5157

HistorySep 27, 2023 - 3:19 p.m.

CVE-2023-5157

2023-09-2715:19:41

CWE-400

[email protected]

web.nvd.nist.gov

mariadb

openvas

port scan

remote denial of service

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.2

Confidence

High

EPSS

0.002

Percentile

52.2%

JSON

A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service.

Affected configurations

Nvd

Node

mariadbmariadbRange<10.3.36

mariadbmariadbRange10.4.0–10.4.26

mariadbmariadbRange10.5.0–10.5.17

mariadbmariadbRange10.6.0–10.6.9

mariadbmariadbRange10.7.0–10.7.5

mariadbmariadbRange10.8.0–10.8.4

Node

fedoraprojectfedoraMatch38

Node

redhatenterprise_linuxMatch8.0

redhatenterprise_linuxMatch9.0

redhatenterprise_linux_eusMatch8.6

redhatenterprise_linux_eusMatch8.8

redhatenterprise_linux_eusMatch9.0

redhatenterprise_linux_eusMatch9.2

redhatenterprise_linux_for_arm_64Match8.0_aarch64

redhatenterprise_linux_for_arm_64Match9.0_aarch64

redhatenterprise_linux_for_arm_64_eusMatch8.8_aarch64

redhatenterprise_linux_for_ibm_z_systemsMatch8.0_s390x

redhatenterprise_linux_for_ibm_z_systemsMatch9.0_s390x

redhatenterprise_linux_for_ibm_z_systemsMatch9.2_s390x

redhatenterprise_linux_for_ibm_z_systems_eusMatch8.6_s390x

redhatenterprise_linux_for_ibm_z_systems_eusMatch8.8_s390x

redhatenterprise_linux_for_ibm_z_systems_eusMatch9.2_s390x

redhatenterprise_linux_for_power_little_endianMatch8.0_ppc64le

redhatenterprise_linux_for_power_little_endianMatch9.0_ppc64le

redhatenterprise_linux_for_power_little_endian_eusMatch8.8_ppc64le

redhatenterprise_linux_for_power_little_endian_eusMatch9.2_ppc64le

redhatenterprise_linux_server_ausMatch8.4

redhatenterprise_linux_server_ausMatch8.6

redhatenterprise_linux_server_ausMatch9.2

redhatenterprise_linux_server_tusMatch8.4

redhatenterprise_linux_server_tusMatch8.6

redhatenterprise_linux_server_tusMatch8.8

References

access.redhat.com/errata/RHSA-2023:5683

access.redhat.com/errata/RHSA-2023:5684

access.redhat.com/errata/RHSA-2023:6821

access.redhat.com/errata/RHSA-2023:6822

access.redhat.com/errata/RHSA-2023:6883

access.redhat.com/errata/RHSA-2023:7633

access.redhat.com/security/cve/CVE-2023-5157

bugzilla.redhat.com/show_bug.cgi?id=2240246

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.2

Confidence

High

EPSS

0.002

Percentile

52.2%

JSON

Related for NVD:CVE-2023-5157

redhat6 redos1 prion1 nessus20 ubuntucve1 cvelist1 redhatcve1 mariadbunix1 openvas2 osv6 debiancve1 veracode1 cve1 oraclelinux2 rocky1 almalinux2 gentoo1