CVE-2022-21519

5.9MEDIUM

Key Information:

Vendor: Oracle
Status: Mysql Cluster
Vendor: CVE Published:; 19 July 2022

Summary

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Cluster. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).

Affected Version(s)

MySQL Cluster 8.0.29 and prior

References

https://www.oracle.com/security-alerts/cpujul2022.html

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20220729-0004/

x_refsource_CONFIRM

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 19, 2022
Vulnerability Reserved
Nov 15, 2021

Collectors

NVD DatabaseMitre Database