A new vulnerability, identified as CVE-2023-22066, has been discovered in the MySQL Server product of Oracle MySQL, specifically in the InnoDB component. This particular vulnerability affects the supported versions 8.0.34 and prior as well as version 8.1.0. The vulnerability can be exploited easily by a highly privileged attacker who can gain network access via multiple protocols to compromise the MySQL Server. Successful attacks of this vulnerability can cause the MySQL Server to hang or lead to a frequently repeatable crash (a complete Denial of Service, or DoS). The CVSS 3.1 Base Score for this vulnerability is 4.9, with the primary impact being on availability. The CVSS Vector is: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Original References

You can find more details about the vulnerability in the official CVE database: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22066
Oracle has also published a security alert for this issue: https://www.oracle.com/security-alerts/cpuoct2023.html

Code Snippet

Suppose an attacker has gained high-level access to a target MySQL Server. Using this simple SQL query, the attacker can exploit the CVE-2023-22066 vulnerability:

SELECT * FROM information_schema.innodb_table_stats WHERE database_name = 'dbname' AND table_name = 'tablename';

It is important to replace 'dbname' and 'tablename' with the actual database and table names in the target MySQL Server.

Exploit Details

The main issue with this vulnerability is in the way InnoDB handles specific requests in the MySQL Server. An attacker with high privileges can send a particular query to the target server, causing it to repeatedly crash or even hang entirely. This vulnerability ultimately leads to a complete Denial of Service (DoS), preventing legitimate authorized users from accessing their data or using the server's services.

Mitigation

To mitigate the risk of this vulnerability, it is recommended to always keep your MySQL Server up to date with the latest security patches and updates. Oracle has already issued a security patch for this issue in its most recent Critical Patch Update (CPU). Additionally, it is crucial to limit access to authorized users and follow the principle of least privilege, ensuring that users do not have more privileges than necessary for their tasks.
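To decide which servers need the patch first, the version each one reports from SELECT VERSION() can be triaged against the affected range. The sketch below is an added example, not code from Oracle or from this advisory; it assumes the affected range is the 8.0 series up to 8.0.34 plus 8.1.0, and the inventory, hostnames and category labels are constructed for illustration.

```python
import re

# Affected range as this example reads the advisory (assumption):
# the 8.0 series up to and including 8.0.34, plus exactly 8.1.0.
LAST_AFFECTED_80 = (8, 0, 34)
AFFECTED_EXACT = {(8, 1, 0)}

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)")


def classify(version_string):
    """Classify one SELECT VERSION() result against CVE-2023-22066."""
    text = version_string.strip()
    if "mariadb" in text.lower():
        return "not-oracle-mysql"   # separate code base, separate advisories
    match = _VERSION_RE.match(text)
    if not match:
        return "unknown"            # never assume an unparsed host is safe
    version = tuple(int(part) for part in match.groups())
    if version[:2] == (8, 0) and version <= LAST_AFFECTED_80:
        return "affected"
    if version in AFFECTED_EXACT:
        return "affected"
    if version[:2] < (8, 0):
        return "review"             # older series, not named in the advisory text
    return "not-listed"


def triage(inventory):
    """Group hostnames by classification, most urgent groups first."""
    order = ["affected", "unknown", "review", "not-oracle-mysql", "not-listed"]
    groups = {label: [] for label in order}
    for host, version_string in sorted(inventory.items()):
        groups[classify(version_string)].append(host)
    return {label: hosts for label, hosts in groups.items() if hosts}


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = {
    "db-01": "8.0.34-0ubuntu0.22.04.1",
    "db-02": "8.0.35",
    "db-03": "8.1.0",
    "db-04": "10.11.4-MariaDB-1",
    "db-05": "5.7.43-log",
    "db-06": "8.2.0-commercial",
    "db-07": "",
}

if __name__ == "__main__":
    for label, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{label:17} {', '.join(hosts)}")
```

Hosts in the "unknown" and "review" groups need a manual check rather than being treated as unaffected.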

Conclusion

CVE-2023-22066 is a critical vulnerability in MySQL Server, affecting the InnoDB component and allowing highly privileged attackers to cause complete Denial of Service. It is crucial to apply the latest security patches from Oracle and follow best security practices like restricting user privileges. By implementing these security measures, organizations can protect themselves against such attacks and keep their data and services safe.

Timeline

Published on: 10/17/2023 22:15:12 UTC
Last modified on: 10/27/2023 15:15:10 UTC