First published: Tue Apr 19 2022(Updated: )
Last updated 24 July 2024
Credit: secalert_us@oracle.com secalert_us@oracle.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/mysql | <5.7.38 | 5.7.38 |
redhat/mysql | <8.0.29 | 8.0.29 |
redhat/mariadb | <10.5.7 | 10.5.7 |
redhat/mariadb | <10.4.25 | 10.4.25 |
redhat/mariadb | <10.3.35 | 10.3.35 |
redhat/mariadb | <10.2.44 | 10.2.44 |
Oracle MySQL | >=5.7.0<=5.7.37 | |
Oracle MySQL | >=8.0.0<=8.0.28 | |
Netapp Active Iq Unified Manager Vmware Vsphere | ||
Netapp Active Iq Unified Manager Windows | ||
NetApp OnCommand Insight | ||
NetApp OnCommand Workflow Automation | ||
Netapp Snapcenter | ||
Mariadb Mariadb | >=10.2.0<10.2.44 | |
Mariadb Mariadb | >=10.3.0<10.3.35 | |
Mariadb Mariadb | >=10.4.0<10.4.25 | |
Mariadb Mariadb | >=10.5.0<10.5.7 | |
Debian Debian Linux | =10.0 | |
debian/mariadb-10.5 | 1:10.5.23-0+deb11u1 1:10.5.26-0+deb11u2 | |
debian/mysql-8.0 | 8.0.41-2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-21427 is a vulnerability in the MySQL Server product of Oracle MySQL that allows a high privileged attacker with network access to compromise MySQL Server.
The affected versions of Oracle MySQL are 5.7.37 and prior, and 8.0.28 and prior.
CVE-2022-21427 has a severity rating of 4.9, which is considered medium severity.
CVE-2022-21427 can be easily exploited by a high privileged attacker with network access via multiple protocols.
To fix CVE-2022-21427, you should update Oracle MySQL to version 5.7.38 or 8.0.29, depending on the affected version.