CVE-2022-21482

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.3 MEDIUM
ADJACENT_NETWORK
HIGH
HIGH
CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
oracleCNA
6.3 MEDIUM
ADJACENT_NETWORK
HIGH
HIGH
CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 59%
VendorProductVersion
oraclemysql
8.0.0 ≤
𝑥
≤ 8.0.28
netappactive_iq_unified_manager
-
netappactive_iq_unified_manager
-
netapponcommand_insight
-
netappsnapcenter
-
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
cluster
noble
needs-triage
mantic
ignored
lunar
ignored
kinetic
ignored
jammy
needs-triage
impish
ignored
focal
needs-triage
bionic
needs-triage
xenial
needs-triage
trusty
needs-triage
mariadb-10.0
noble
dne
mantic
dne
lunar
dne
kinetic
dne
jammy
dne
impish
dne
focal
dne
bionic
dne
xenial
needs-triage
trusty
dne
mariadb-10.1
noble
dne
mantic
dne
lunar
dne
kinetic
dne
jammy
dne
impish
dne
focal
dne
bionic
needs-triage
xenial
dne
trusty
dne
mariadb-10.3
noble
dne
mantic
dne
lunar
dne
kinetic
dne
jammy
dne
impish
dne
focal
needs-triage
bionic
dne
xenial
dne
trusty
dne
mariadb-10.5
noble
dne
mantic
dne
lunar
dne
kinetic
dne
jammy
dne
impish
ignored
focal
dne
bionic
dne
xenial
dne
trusty
dne
mariadb-5.5
noble
dne
mantic
dne
lunar
dne
kinetic
dne
jammy
dne
impish
dne
focal
dne
bionic
dne
xenial
dne
trusty
dne
mysql-5.5
noble
dne
mantic
dne
lunar
dne
kinetic
dne
jammy
dne
impish
dne
focal
dne
bionic
dne
xenial
dne
vivid
dne
trusty
ignored
mysql-5.6
noble
dne
mantic
dne
lunar
dne
kinetic
dne
jammy
dne
impish
dne
focal
dne
bionic
dne
xenial
dne
trusty
dne
mysql-5.7
noble
dne
mantic
dne
lunar
dne
kinetic
dne
jammy
dne
impish
dne
focal
dne
bionic
not-affected
xenial
not-affected
trusty
dne
mysql-8.0
noble
not-affected
mantic
not-affected
lunar
not-affected
kinetic
not-affected
jammy
not-affected
impish
not-affected
focal
not-affected
bionic
dne
xenial
dne
trusty
dne
percona-server-5.6
noble
dne
mantic
dne
lunar
dne
kinetic
dne
jammy
dne
impish
dne
focal
dne
bionic
dne
xenial
needs-triage
trusty
dne
percona-xtradb-cluster-5.5
noble
dne
mantic
dne
lunar
dne
kinetic
dne
jammy
dne
impish
dne
focal
dne
bionic
dne
xenial
dne
trusty
dne
percona-xtradb-cluster-5.6
noble
dne
mantic
dne
lunar
dne
kinetic
dne
jammy
dne
impish
dne
focal
dne
bionic
dne
xenial
needs-triage
trusty
dne
References
https://security.netapp.com/advisory/ntap-20220429-0005/
https://www.oracle.com/security-alerts/cpuapr2022.html
https://security.netapp.com/advisory/ntap-20220429-0005/
https://www.oracle.com/security-alerts/cpuapr2022.html