QID 20398
Date Published: 2024-01-17
QID 20398: Oracle MySQL JAN 2024 Critical Patch Update (CPUJAN2024)
This Critical Patch Update contains patches for 5.7.x, 8.0.x and 8.x.y oracle MySQL server
Affected Versions:
MySQL Server versions 8.0.35 and prior
MySQL Server versions 8.1.0.
MySQL Server versions 8.2.0 and prior
QID Detection Logic (Authenticated):(Linux)
This QID fires mysqld -V command to check the vulnerable versions of MySQL.
QID Detection Logic (Unauthenticated):
This QID detects vulnerable versions of MySQL via the banner exposed by the service.
Successful exploitation could allow an attacker to affect the confidentiality, integrity, and availability of data on the target system.
Solution
Refer to vendor advisory Oracle MySQL OCT 2023 .
Vendor References
- CPUJAN2024 -
www.oracle.com/security-alerts/cpujan2024.html
CVEs related to QID 20398
CVE-2023-39975 | CVE-2024-20968 | CVE-2023-5363 | CVE-2024-20960 | CVE-2024-20961 | CVE-2024-20962 | CVE-2024-20963 | CVE-2024-20964 | CVE-2024-20965 | CVE-2024-20966 | CVE-2024-20967 | CVE-2024-20969 | CVE-2024-20970 | CVE-2024-20971 | CVE-2024-20972 | CVE-2024-20973 | CVE-2024-20974 | CVE-2024-20976 | CVE-2024-20977 | CVE-2024-20978 | CVE-2024-20981 | CVE-2024-20982 | CVE-2024-20984 | CVE-2024-20985 | CVE-2024-20975 | CVE-2024-20983 |
Software Advisories
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| CPUJAN2024 |
www.oracle.com/security-alerts/cpujan2024.html |