CVE-2023-21966: 
MySQL vulnerability analysis and mitigation

CVE-2023-21966 is a vulnerability in the MySQL Server product of Oracle MySQL, specifically affecting the Server: JSON component. The vulnerability affects MySQL versions 8.0.32 and prior. This security flaw was disclosed as part of Oracle's Critical Patch Update in April 2023 (Oracle Advisory).

The vulnerability has been assigned a CVSS 3.1 Base Score of 4.9 (Medium severity), with the following vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H. The vulnerability is easily exploitable but requires high privileged access with network access via multiple protocols to compromise MySQL Server (NVD).

Successful exploitation of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash, leading to a complete Denial of Service (DoS) of MySQL Server. The vulnerability primarily affects the availability of the system, with no direct impact on confidentiality or integrity (NVD).

Oracle has released patches to address this vulnerability in MySQL version 8.0.33. Users are strongly advised to upgrade to this version or apply the relevant security patches. For systems that cannot be immediately updated, ensuring strict access control to limit high-privileged access can help reduce the risk (Oracle Advisory, NetApp Advisory).