Login Sign Up

CVE-2023-22102

8.3 HIGH

📋 TL;DR

This vulnerability in Oracle MySQL Connector/J allows an unauthenticated attacker with network access to potentially compromise the connector through multiple protocols. Successful exploitation requires human interaction from someone other than the attacker and can lead to complete takeover of MySQL Connectors, potentially affecting additional connected systems. Affected versions are 8.1.0 and prior.

💻 Affected Systems

Products:
  • Oracle MySQL Connector/J
Versions: 8.1.0 and prior
Operating Systems: All platforms running affected MySQL Connector/J versions
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in the connector component itself, not dependent on specific configurations.

📦 What is this software?

Mysql Connector\/j by Oracle

View all CVEs affecting Mysql Connector\/j →

Oncommand Insight by Netapp

View all CVEs affecting Oncommand Insight →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of MySQL Connector/J leading to full system takeover, data exfiltration, and lateral movement to connected systems.

🟠

Likely Case

Limited exploitation due to required human interaction, but successful attacks could lead to connector compromise and data exposure.

🟢

If Mitigated

Minimal impact with proper network segmentation, least privilege access, and user awareness training.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: HIGH

Exploitation requires human interaction from a person other than the attacker, making automated attacks difficult.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 8.2.0 or later

Vendor Advisory: https://www.oracle.com/security-alerts/cpuoct2023.html

Restart Required: Yes

Instructions:

1. Download MySQL Connector/J 8.2.0 or later from Oracle's website. 2. Replace the existing connector JAR file with the updated version. 3. Restart any applications using the connector.

🔧 Temporary Workarounds

Network Segmentation

all

Restrict network access to MySQL connectors to only trusted sources

User Awareness Training

all

Educate users about not interacting with unexpected prompts or connections

🧯 If You Can't Patch

  • Implement strict network access controls to limit connector exposure
  • Monitor for unusual connection attempts or user interaction prompts

🔍 How to Verify

Check if Vulnerable:

Check the version of mysql-connector-java.jar file in your application's classpath or lib directory

Check Version:

java -jar mysql-connector-java.jar --version (if supported) or check JAR file properties

Verify Fix Applied:

Verify the JAR file version is 8.2.0 or higher and check application logs for successful startup

📡 Detection & Monitoring

Log Indicators:

  • Unexpected connection attempts to MySQL connectors
  • Unusual user interaction prompts in application logs

Network Indicators:

  • Unusual network traffic patterns to MySQL connector ports
  • Multiple failed connection attempts from untrusted sources

SIEM Query:

source="application_logs" AND ("mysql-connector" OR "Connector/J") AND (error OR failed OR unexpected)

📊 Metadata

CVE ID: CVE-2023-22102
CVSS v3 Score: 8.3 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
CWE: CWE-284
Published: October 17, 2023
Last Updated: March 6, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-22102, you might also want to check these:

CVE-2021-34795 10.0

This critical vulnerability in Cisco Catalyst PON Series Switches ONT web management interface allow...

Same vulnerability type (CWE-284)
CVE-2021-40113 10.0

Multiple vulnerabilities in Cisco Catalyst PON Series Switches ONT web management interface allow un...

Same vulnerability type (CWE-284)
CVE-2026-21636 10.0

A critical vulnerability in Node.js v25's experimental permission model allows attacker-controlled i...

Same vulnerability type (CWE-284)