CVE-2023-21887
Description
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: GIS). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM
CVE ID: CVE-2023-21887
CVSS Score: 4.9
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Proof Of Concept
zwxxb
Remote Code Execution : Ivanti
Refrence: GitHub
Content on GitHub
duy-31 | watchers:15
CVE-2023-46805_CVE-2024-21887
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.
Refrence: GitHub
seajaysec | watchers:12
Ivanti-Connect-Around-Scan
Mitigation validation utility for the Ivanti Connect Around attack chain. Runs multiple checks. CVE-2023-46805, CVE-2024-21887.
Refrence: GitHub
raminkarimkhani1996 | watchers:3
CVE-2023-46805_CVE-2024-21887
The script in this repository only checks whether the vulnerabilities specified in the Ivanti Connect Secure product exist.
Refrence: GitHub
mickdec | watchers:0
CVE-2023-46805_CVE-2024-21887_scan_grouped
Refrence: GitHub