A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

Vendors Products
Fedoraproject
  • Fedora
Mariadb
  • Mariadb
Redhat
  • Enterprise Linux
  • Enterprise Linux Eus
  • Enterprise Linux For Arm 64
  • Enterprise Linux For Arm 64 Eus
  • Enterprise Linux For Ibm Z Systems
  • Enterprise Linux For Ibm Z Systems Eus
  • Enterprise Linux For Power Little Endian
  • Enterprise Linux For Power Little Endian Eus
  • Enterprise Linux Server Aus
  • Enterprise Linux Server Tus
  • Rhel Aus
  • Rhel E4s
  • Rhel Eus
  • Rhel Software Collections
  • Rhel Tus

Configuration 1 [-]

OR cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 8
mariadb:10.5-8080020231003163755.63b34585 cpe:/a:redhat:enterprise_linux:8 RHSA-2023:5683 2023-10-12T00:00:00Z
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
mariadb:10.5-8040020231006044227.522a0ee4 cpe:/a:redhat:rhel_aus:8.4 RHSA-2023:6821 2023-11-08T00:00:00Z
Red Hat Enterprise Linux 8.4 Telecommunications Update Service
mariadb:10.5-8040020231006044227.522a0ee4 cpe:/a:redhat:rhel_tus:8.4 RHSA-2023:6821 2023-11-08T00:00:00Z
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
mariadb:10.5-8040020231006044227.522a0ee4 cpe:/a:redhat:rhel_e4s:8.4 RHSA-2023:6821 2023-11-08T00:00:00Z
Red Hat Enterprise Linux 8.6 Extended Update Support
mariadb:10.5-8060020231005052631.ad008a3a cpe:/a:redhat:rhel_eus:8.6 RHSA-2023:6822 2023-11-08T00:00:00Z
Red Hat Enterprise Linux 9
galera-0:26.4.14-1.el9_2 cpe:/a:redhat:enterprise_linux:9 RHSA-2023:5684 2023-10-12T00:00:00Z
mariadb-3:10.5.22-1.el9_2 cpe:/a:redhat:enterprise_linux:9 RHSA-2023:5684 2023-10-12T00:00:00Z
Red Hat Enterprise Linux 9.0 Extended Update Support
galera-0:26.4.14-1.el9_0 cpe:/a:redhat:rhel_eus:9.0 RHSA-2023:6883 2023-11-13T00:00:00Z
mariadb-3:10.5.22-1.el9_0 cpe:/a:redhat:rhel_eus:9.0 RHSA-2023:6883 2023-11-13T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7
rh-mariadb105-galera-0:26.4.14-1.el7 cpe:/a:redhat:rhel_software_collections:3::el7 RHSA-2023:7633 2023-12-04T00:00:00Z
rh-mariadb105-mariadb-3:10.5.22-1.el7 cpe:/a:redhat:rhel_software_collections:3::el7 RHSA-2023:7633 2023-12-04T00:00:00Z
References
Link Providers
https://access.redhat.com/errata/RHSA-2023:5683 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:5684 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:6821 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:6822 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:6883 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7633 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2023-5157 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2240246 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-5157 cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-5157 cve-icon
History

Wed, 18 Jun 2025 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2023-09-26T13:25:24.082Z

Updated: 2025-06-18T14:15:05.632Z

Reserved: 2023-09-25T08:31:06.489Z

Link: CVE-2023-5157

cve-icon Vulnrichment

Updated: 2024-08-02T07:52:06.728Z

cve-icon NVD

Status : Modified

Published: 2023-09-27T15:19:41.807

Modified: 2024-11-21T08:41:10.987

Link: CVE-2023-5157

cve-icon Redhat

Severity : Important

Publid Date: 2023-09-20T00:00:00Z

Links: CVE-2023-5157 - Bugzilla