CVE-2022-21486
First published: Tue Apr 19 2022(Updated: )
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 2.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L).
Credit: secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle MySQL | >=7.4.0<=7.4.35 | |
| Oracle MySQL | >=7.5.0<=7.5.25 | |
| Oracle MySQL | >=7.6.0<=7.6.21 | |
| Oracle MySQL | >=8.0.0<=8.0.28 | |
| Netapp Active Iq Unified Manager Vmware Vsphere | ||
| Netapp Active Iq Unified Manager Windows | ||
| NetApp OnCommand Insight | ||
| Netapp Snapcenter |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this MySQL Cluster vulnerability?
The vulnerability ID for this MySQL Cluster vulnerability is CVE-2022-21486.
Which products are affected by this vulnerability?
The MySQL Cluster product of Oracle MySQL is affected by this vulnerability.
Which versions of MySQL Cluster are affected by this vulnerability?
Versions 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior, and 8.0.28 and prior of MySQL Cluster are affected by this vulnerability.
What is the severity of CVE-2022-21486?
The severity of CVE-2022-21486 is low with a severity value of 2.9.
How can I fix this MySQL Cluster vulnerability?
To fix this vulnerability, update to a version of MySQL Cluster that is not prior to 7.4.35, 7.5.25, 7.6.21, or 8.0.28.
- agent/references
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/author
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/oracle
- canonical/oracle mysql
- version/oracle mysql/7.4.0
- version/oracle mysql/7.4.35
- version/oracle mysql/7.5.0
- version/oracle mysql/7.5.25
- version/oracle mysql/7.6.0
- version/oracle mysql/7.6.21
- version/oracle mysql/8.0.0
- version/oracle mysql/8.0.28
- vendor/netapp
- canonical/netapp active iq unified manager vmware vsphere
- canonical/netapp active iq unified manager windows
- canonical/netapp oncommand insight
- canonical/netapp snapcenter