Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2022-21550
HistoryJul 19, 2022 - 10:15 p.m.

CVE-2022-21550

2022-07-1922:15:12
[email protected]
web.nvd.nist.gov
56
7
oracle
mysql
cluster
vulnerability
cve-2022-21550
security
takeover
exploit
compromise

6.3 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

5.7 Medium

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.2%

JSON

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.36 and prior, 7.5.26 and prior, 7.6.22 and prior and and 8.0.29 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).

Affected configurations

Vulners
NVD
Node
oraclemysql_clusterRange7.0.0โ€“7.4.36
OR
oraclemysql_clusterRange7.0.0โ€“7.5.26
OR
oraclemysql_clusterRange7.0.0โ€“7.6.22
OR
oraclemysql_clusterRange8.0.0โ€“8.0.29
VendorProductVersionCPE
oraclemysql_cluster*cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*
oraclemysql_cluster*cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*
oraclemysql_cluster*cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*
oraclemysql_cluster*cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "MySQL Cluster",
    "vendor": "Oracle Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "7.4.36 and prior"
      },
      {
        "status": "affected",
        "version": "7.5.26 and prior"
      },
      {
        "status": "affected",
        "version": "7.6.22 and prior"
      },
      {
        "status": "affected",
        "version": "and 8.0.29 and prior"
      }
    ]
  }
]

Social References

More

Related

nvd 1
prion 1
cvelist 1
zdi 1
f5 1
ibm 2
nessus 1
freebsd 1
oracle 1
nvd
nvd
CVE-2022-21550
2022-07-19 22:15:12
prion
prion
Design/Logic Flaw
2022-07-19 22:15:00
cvelist
cvelist
CVE-2022-21550
2022-07-19 21:07:43
zdi
zdi
Oracle MySQL Cluster Data Node Integer Underflow Remote Code Execution Vulnerability
2022-07-27 00:00:00
f5
f5
K21037322 : Multiple MySQL vulnerabilities CVE-2022-21547, CVE-2022-21550, CVE-2022-21553, CVE-2022-21555, CVE-2022-21556
2022-09-06 00:00:00
ibm
ibm
Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities in Oracleยฎ MySQL
2023-01-25 21:00:47
Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilties
2023-01-27 20:06:13
nessus
nessus
FreeBSD : MySQL -- Multiple vulnerabilities (8e150606-08c9-11ed-856e-d4c9ef517024)
2022-07-21 00:00:00
freebsd
freebsd
MySQL -- Multiple vulnerabilities
2022-07-19 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2022
2022-07-19 00:00:00

6.3 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

5.7 Medium

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.2%

JSON
Related for CVE-2022-21550
nvd1prion1cvelist1zdi1f51ibm2nessus1freebsd1oracle1