Barakat Soror

**Name of the Vulnerable Software and Affected Versions** Oracle VM VirtualBox versions prior to 6.0.20 Oracle VM VirtualBox versions prior to 6.1.6 **Description** The issue is related to inadequate access control in the Core component of Oracle VM VirtualBox, allowing a low-privileged attacker with logon access to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks can result in the takeover of Oracle VM VirtualBox. **Recommendations** For versions prior to 6.0.20, update to version 6.0.20 or later. For versions prior to 6.1.6, update to version 6.1.6 or later. As a temporary workaround, consider restricting access to the Core component until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Oracle VM VirtualBox versions prior to 6.0.20 Oracle VM VirtualBox versions prior to 6.1.6 **Description** The issue is related to insufficient access control in the Core component of Oracle VM VirtualBox, allowing a low-privileged attacker with logon access to the infrastructure where Oracle VM VirtualBox executes to potentially compromise the application. Successful exploitation can result in the takeover of Oracle VM VirtualBox. **Recommendations** For versions prior to 6.0.20, update to version 6.0.20 or later. For versions prior to 6.1.6, update to version 6.1.6 or later.

**Name of the Vulnerable Software and Affected Versions** Oracle VM VirtualBox versions prior to 5.2.40 Oracle VM VirtualBox versions prior to 6.0.20 Oracle VM VirtualBox versions prior to 6.1.6 **Description** The issue is related to insufficient access control in the Core component of Oracle VM VirtualBox, allowing a high-privileged attacker with logon access to the infrastructure to compromise Oracle VM VirtualBox. Successful attacks can result in the takeover of Oracle VM VirtualBox and may significantly impact additional products. **Recommendations** For versions prior to 5.2.40, update to a version equal to or later than 5.2.40. For versions prior to 6.0.20, update to a version equal to or later than 6.0.20. For versions prior to 6.1.6, update to a version equal to or later than 6.1.6.

**Name of the Vulnerable Software and Affected Versions** Oracle VM VirtualBox versions prior to 5.2.40 Oracle VM VirtualBox versions prior to 6.0.20 Oracle VM VirtualBox versions prior to 6.1.6 **Description** The issue is related to insufficient access control in the Core component of Oracle VM VirtualBox, allowing a high-privileged attacker with logon access to the infrastructure to compromise Oracle VM VirtualBox. Successful attacks can result in the takeover of Oracle VM VirtualBox and may significantly impact additional products. **Recommendations** For versions prior to 5.2.40, update to a version equal to or later than 5.2.40. For versions prior to 6.0.20, update to a version equal to or later than 6.0.20. For versions prior to 6.1.6, update to a version equal to or later than 6.1.6.

**Name of the Vulnerable Software and Affected Versions** MySQL Server versions 5.6.47 and prior MySQL Server versions 5.7.28 and prior MySQL Server versions 8.0.18 and prior **Description** The vulnerability in the MySQL Server product is related to insufficient access control in the InnoDB component. It can be exploited by a remote attacker to cause a denial of service via the MySQL Protocol. Successful attacks can result in the ability to cause a hang or frequently repeatable crash of the MySQL Server. **Recommendations** For MySQL Server versions 5.6.47 and prior, update to a version later than 5.6.47 to resolve the issue. For MySQL Server versions 5.7.28 and prior, update to a version later than 5.7.28 to resolve the issue. For MySQL Server versions 8.0.18 and prior, update to a version later than 8.0.18 to resolve the issue. As a temporary workaround, consider restricting network access to the MySQL Server to minimize the risk of exploitation.