Red Team or Advanced Rogue attacker can exploit this vulnerability to cause a crash or hang of MySQL Server.
CVSS 3.0 Base Score 5.3 (System information disclosure). Critical - If the user is not aware of the attack or does not have common protection against attacks, this vulnerability poses a critical risk. CVSS 3.0 Score 5.3 — System information disclosure Critical — If the user is not aware of the attack or does not have common protection against attacks, this vulnerability poses a critical risk. CVSS 3.0 Score 5.3 — System information disclosure Critical — If the user is not aware of the attack or does not have common protection against attacks, this vulnerability poses a critical risk. CVSS 3.0 Score 5.3 — System information disclosure Critical — If the user is not aware of the attack or does not have common protection against attacks, this vulnerability poses a critical risk. CVSS 3.0 Score 5.3 — System information disclosure Critical — If the user is not aware of the attack or does not have common protection against attacks, this vulnerability poses a critical risk. CVSS 3.0 Score 5.3 — System information disclosure Critical — If the user is not aware of the attack or does not have common protection against attacks, this vulnerability poses a critical risk. CVSS 3.0 Score 5.3 — System information disclosure Critical — If the user is not aware of the attack or does not have common protection against attacks, this vulnerability poses
Hackers can gain access to database environment and get sensitive information
This vulnerability allows hackers to access the database environment and get a lot of sensitive information.
CVSS 3.0 Base Score 5.3 (System information disclosure). Critical - If the user is not aware of the attack or does not have common protection against attacks, this vulnerability poses a critical risk. CVSS 3.0 Score 5.3 — System information disclosure Critical — If the user is not aware of the attack or does not have common protection against attacks, this vulnerability poses a critical risk. CVSS 3.0 Score 5.3 — System information disclosure Critical — If the user is not aware of the attack or does not have common protection against attacks, this vulnerability poses a critical risk. CVSS 3.0 Score 5.3 — System information disclosure Critical — If the user is not aware of the attack or does not have common protection against attacks, this vulnerability poses a critical risk. CVSS 3.0 Score 5.3 — System information disclosure Critical — If the user is not aware of the attack or does not have common protection against attacks, this vulnerability poses a critical risk. CVSS 3.0 Score 5.3 — System information disclosure
Limitations and Recommendations
The vulnerability is not exploitable in implementations of MySQL Server that use safe modes when the server is started.
Additional Information:
CVSS Base Score: 5.3
CVSS Vector: AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
AVG CVSS Base Score5.3
AVG CVSS Vector4.3
Timeline
Published on: 10/18/2022 21:15:00 UTC
Last modified on: 10/18/2022 21:18:00 UTC