CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:N/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
AI Score
Confidence
High
EPSS
Percentile
69.5%
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7119 advisory.
* mysql: Server: DML multiple unspecified vulnerabilities (CVE-2021-2478, CVE-2021-2479, CVE-2021-35591, CVE-2021-35607, CVE-2022-21301, CVE-2022-21413)
* mysql: Server: Optimizer multiple unspecified vulnerabilities (CVE-2021-2481, CVE-2021-35575, CVE-2021-35577, CVE-2021-35610, CVE-2021-35612, CVE-2021-35626, CVE-2021-35627, CVE-2021-35628, CVE-2021-35634, CVE-2021-35635, CVE-2021-35636, CVE-2021-35638, CVE-2021-35641, CVE-2021-35642, CVE-2021-35643, CVE-2021-35644, CVE-2021-35645, CVE-2021-35646, CVE-2021-35647, CVE-2022-21253, CVE-2022-21254, CVE-2022-21264, CVE-2022-21278, CVE-2022-21297, CVE-2022-21339, CVE-2022-21342, CVE-2022-21351, CVE-2022-21370, CVE-2022-21378, CVE-2022-21412, CVE-2022-21414, CVE-2022-21435, CVE-2022-21436, CVE-2022-21437, CVE-2022-21438, CVE-2022-21440, CVE-2022-21452, CVE-2022-21459, CVE-2022-21462, CVE-2022-21478, CVE-2022-21479, CVE-2022-21509, CVE-2022-21525, CVE-2022-21526, CVE-2022-21527, CVE-2022-21528, CVE-2022-21529, CVE-2022-21530, CVE-2022-21531, CVE-2022-21553, CVE-2022-21569, CVE-2022-21265)
* mysql: Server: Replication multiple unspecified vulnerabilities (CVE-2021-35546, CVE-2022-21344, CVE-2022-21415)
* mysql: Server: Error Handling unspecified vulnerability (CVE-2021-35596)
* mysql: C API unspecified vulnerability (CVE-2021-35597)
* mysql: Server: Options multiple unspecified vulnerabilities (CVE-2021-35602, CVE-2021-35630, CVE-2022-21515)
* mysql: InnoDB multiple unspecified vulnerabilities (CVE-2021-35604, CVE-2022-21302, CVE-2022-21348, CVE-2022-21352, CVE-2022-21417, CVE-2022-21418, CVE-2022-21451, CVE-2022-21517, CVE-2022-21537, CVE-2022-21539, CVE-2022-21423)
* mysql: Server: Group Replication Plugin multiple unspecified vulnerabilities (CVE-2021-35608, CVE-2022-21256, CVE-2022-21379, CVE-2022-21454)
* mysql: Server: Security: Encryption multiple unspecified vulnerabilities (CVE-2021-35622, CVE-2022-21358, CVE-2022-21372, CVE-2022-21538)
* mysql: Server: Security: Privileges multiple unspecified vulnerabilities (CVE-2021-35624, CVE-2022-21245, CVE-2021-35625)
* mysql: Server: GIS unspecified vulnerability (CVE-2021-35631)
* mysql: Server: Data Dictionary unspecified vulnerability (CVE-2021-35632)
* mysql: Server: PS unspecified vulnerability (CVE-2021-35637)
* mysql: Server: Stored Procedure multiple unspecified vulnerabilities (CVE-2021-35639, CVE-2022-21303, CVE-2022-21522, CVE-2022-21534)
* mysql: Server: FTS multiple unspecified vulnerabilities (CVE-2021-35648, CVE-2022-21427)
* mysql: Server: Federated multiple unspecified vulnerabilities (CVE-2022-21270, CVE-2022-21547)
* mysql: Server: Parser unspecified vulnerability (CVE-2022-21304)
* mysql: Server: Information Schema multiple unspecified vulnerabilities (CVE-2022-21362, CVE-2022-21374)
* mysql: Server: Compiling unspecified vulnerability (CVE-2022-21367)
* mysql: Server: Components Services unspecified vulnerability (CVE-2022-21368)
* mysql: Server: DDL multiple unspecified vulnerabilities (CVE-2022-21425, CVE-2022-21444, CVE-2021-35640, CVE-2022-21249)
* mysql: Server: PAM Auth Plugin unspecified vulnerability (CVE-2022-21457)
* mysql: Server: Logging multiple unspecified vulnerabilities (CVE-2022-21460, CVE-2021-35633)
* mysql: Server: Security: Roles unspecified vulnerability (CVE-2021-35623)
Tenable has extracted the preceding description block directly from the AlmaLinux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# AlmaLinux Security Advisory ALSA-2022:7119.
##
include('compat.inc');
if (description)
{
script_id(166504);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/07/10");
script_cve_id(
"CVE-2021-2478",
"CVE-2021-2479",
"CVE-2021-2481",
"CVE-2021-35546",
"CVE-2021-35575",
"CVE-2021-35577",
"CVE-2021-35591",
"CVE-2021-35596",
"CVE-2021-35597",
"CVE-2021-35602",
"CVE-2021-35604",
"CVE-2021-35607",
"CVE-2021-35608",
"CVE-2021-35610",
"CVE-2021-35612",
"CVE-2021-35622",
"CVE-2021-35623",
"CVE-2021-35624",
"CVE-2021-35625",
"CVE-2021-35626",
"CVE-2021-35627",
"CVE-2021-35628",
"CVE-2021-35630",
"CVE-2021-35631",
"CVE-2021-35632",
"CVE-2021-35633",
"CVE-2021-35634",
"CVE-2021-35635",
"CVE-2021-35636",
"CVE-2021-35637",
"CVE-2021-35638",
"CVE-2021-35639",
"CVE-2021-35640",
"CVE-2021-35641",
"CVE-2021-35642",
"CVE-2021-35643",
"CVE-2021-35644",
"CVE-2021-35645",
"CVE-2021-35646",
"CVE-2021-35647",
"CVE-2021-35648",
"CVE-2022-21245",
"CVE-2022-21249",
"CVE-2022-21253",
"CVE-2022-21254",
"CVE-2022-21256",
"CVE-2022-21264",
"CVE-2022-21265",
"CVE-2022-21270",
"CVE-2022-21278",
"CVE-2022-21297",
"CVE-2022-21301",
"CVE-2022-21302",
"CVE-2022-21303",
"CVE-2022-21304",
"CVE-2022-21339",
"CVE-2022-21342",
"CVE-2022-21344",
"CVE-2022-21348",
"CVE-2022-21351",
"CVE-2022-21352",
"CVE-2022-21358",
"CVE-2022-21362",
"CVE-2022-21367",
"CVE-2022-21368",
"CVE-2022-21370",
"CVE-2022-21372",
"CVE-2022-21374",
"CVE-2022-21378",
"CVE-2022-21379",
"CVE-2022-21412",
"CVE-2022-21413",
"CVE-2022-21414",
"CVE-2022-21415",
"CVE-2022-21417",
"CVE-2022-21418",
"CVE-2022-21423",
"CVE-2022-21425",
"CVE-2022-21427",
"CVE-2022-21435",
"CVE-2022-21436",
"CVE-2022-21437",
"CVE-2022-21438",
"CVE-2022-21440",
"CVE-2022-21444",
"CVE-2022-21451",
"CVE-2022-21452",
"CVE-2022-21454",
"CVE-2022-21457",
"CVE-2022-21459",
"CVE-2022-21460",
"CVE-2022-21462",
"CVE-2022-21478",
"CVE-2022-21479",
"CVE-2022-21509",
"CVE-2022-21515",
"CVE-2022-21517",
"CVE-2022-21522",
"CVE-2022-21525",
"CVE-2022-21526",
"CVE-2022-21527",
"CVE-2022-21528",
"CVE-2022-21529",
"CVE-2022-21530",
"CVE-2022-21531",
"CVE-2022-21534",
"CVE-2022-21537",
"CVE-2022-21538",
"CVE-2022-21539",
"CVE-2022-21547",
"CVE-2022-21553",
"CVE-2022-21569"
);
script_xref(name:"ALSA", value:"2022:7119");
script_name(english:"AlmaLinux 8 : mysql:8.0 (ALSA-2022:7119)");
script_set_attribute(attribute:"synopsis", value:
"The remote AlmaLinux host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the
ALSA-2022:7119 advisory.
* mysql: Server: DML multiple unspecified vulnerabilities (CVE-2021-2478, CVE-2021-2479, CVE-2021-35591,
CVE-2021-35607, CVE-2022-21301, CVE-2022-21413)
* mysql: Server: Optimizer multiple unspecified vulnerabilities (CVE-2021-2481, CVE-2021-35575,
CVE-2021-35577, CVE-2021-35610, CVE-2021-35612, CVE-2021-35626, CVE-2021-35627, CVE-2021-35628,
CVE-2021-35634, CVE-2021-35635, CVE-2021-35636, CVE-2021-35638, CVE-2021-35641, CVE-2021-35642,
CVE-2021-35643, CVE-2021-35644, CVE-2021-35645, CVE-2021-35646, CVE-2021-35647, CVE-2022-21253,
CVE-2022-21254, CVE-2022-21264, CVE-2022-21278, CVE-2022-21297, CVE-2022-21339, CVE-2022-21342,
CVE-2022-21351, CVE-2022-21370, CVE-2022-21378, CVE-2022-21412, CVE-2022-21414, CVE-2022-21435,
CVE-2022-21436, CVE-2022-21437, CVE-2022-21438, CVE-2022-21440, CVE-2022-21452, CVE-2022-21459,
CVE-2022-21462, CVE-2022-21478, CVE-2022-21479, CVE-2022-21509, CVE-2022-21525, CVE-2022-21526,
CVE-2022-21527, CVE-2022-21528, CVE-2022-21529, CVE-2022-21530, CVE-2022-21531, CVE-2022-21553,
CVE-2022-21569, CVE-2022-21265)
* mysql: Server: Replication multiple unspecified vulnerabilities (CVE-2021-35546, CVE-2022-21344,
CVE-2022-21415)
* mysql: Server: Error Handling unspecified vulnerability (CVE-2021-35596)
* mysql: C API unspecified vulnerability (CVE-2021-35597)
* mysql: Server: Options multiple unspecified vulnerabilities (CVE-2021-35602, CVE-2021-35630,
CVE-2022-21515)
* mysql: InnoDB multiple unspecified vulnerabilities (CVE-2021-35604, CVE-2022-21302, CVE-2022-21348,
CVE-2022-21352, CVE-2022-21417, CVE-2022-21418, CVE-2022-21451, CVE-2022-21517, CVE-2022-21537,
CVE-2022-21539, CVE-2022-21423)
* mysql: Server: Group Replication Plugin multiple unspecified vulnerabilities (CVE-2021-35608,
CVE-2022-21256, CVE-2022-21379, CVE-2022-21454)
* mysql: Server: Security: Encryption multiple unspecified vulnerabilities (CVE-2021-35622,
CVE-2022-21358, CVE-2022-21372, CVE-2022-21538)
* mysql: Server: Security: Privileges multiple unspecified vulnerabilities (CVE-2021-35624,
CVE-2022-21245, CVE-2021-35625)
* mysql: Server: GIS unspecified vulnerability (CVE-2021-35631)
* mysql: Server: Data Dictionary unspecified vulnerability (CVE-2021-35632)
* mysql: Server: PS unspecified vulnerability (CVE-2021-35637)
* mysql: Server: Stored Procedure multiple unspecified vulnerabilities (CVE-2021-35639, CVE-2022-21303,
CVE-2022-21522, CVE-2022-21534)
* mysql: Server: FTS multiple unspecified vulnerabilities (CVE-2021-35648, CVE-2022-21427)
* mysql: Server: Federated multiple unspecified vulnerabilities (CVE-2022-21270, CVE-2022-21547)
* mysql: Server: Parser unspecified vulnerability (CVE-2022-21304)
* mysql: Server: Information Schema multiple unspecified vulnerabilities (CVE-2022-21362, CVE-2022-21374)
* mysql: Server: Compiling unspecified vulnerability (CVE-2022-21367)
* mysql: Server: Components Services unspecified vulnerability (CVE-2022-21368)
* mysql: Server: DDL multiple unspecified vulnerabilities (CVE-2022-21425, CVE-2022-21444, CVE-2021-35640,
CVE-2022-21249)
* mysql: Server: PAM Auth Plugin unspecified vulnerability (CVE-2022-21457)
* mysql: Server: Logging multiple unspecified vulnerabilities (CVE-2022-21460, CVE-2021-35633)
* mysql: Server: Security: Roles unspecified vulnerability (CVE-2021-35623)
Tenable has extracted the preceding description block directly from the AlmaLinux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://errata.almalinux.org/8/ALSA-2022-7119.html");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-21368");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2022-21351");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2021/10/19");
script_set_attribute(attribute:"patch_publication_date", value:"2022/10/25");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/10/25");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:mecab-ipadic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:mecab-ipadic-EUCJP");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:mysql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:mysql-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:mysql-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:mysql-errmsg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:mysql-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:mysql-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:mysql-test");
script_set_attribute(attribute:"cpe", value:"cpe:/o:alma:linux:8");
script_set_attribute(attribute:"cpe", value:"cpe:/o:alma:linux:8::appstream");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:mecab");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Alma Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/AlmaLinux/release", "Host/AlmaLinux/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/AlmaLinux/release');
if (isnull(os_release) || 'AlmaLinux' >!< os_release) audit(AUDIT_OS_NOT, 'AlmaLinux');
var os_ver = pregmatch(pattern: "AlmaLinux release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');
os_ver = os_ver[1];
if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);
if (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);
var module_ver = get_kb_item('Host/AlmaLinux/appstream/mysql');
if (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module mysql:8.0');
if ('8.0' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module mysql:' + module_ver);
var appstreams = {
'mysql:8.0': [
{'reference':'mecab-0.996-2.module_el8.6.0+3340+d764b636', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mecab-0.996-2.module_el8.6.0+3340+d764b636', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mecab-ipadic-2.7.0.20070801-16.module_el8.6.0+3340+d764b636', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mecab-ipadic-2.7.0.20070801-16.module_el8.6.0+3340+d764b636', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mecab-ipadic-EUCJP-2.7.0.20070801-16.module_el8.6.0+3340+d764b636', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mecab-ipadic-EUCJP-2.7.0.20070801-16.module_el8.6.0+3340+d764b636', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-8.0.30-1.module_el8.6.0+3340+d764b636', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-8.0.30-1.module_el8.6.0+3340+d764b636', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-common-8.0.30-1.module_el8.6.0+3340+d764b636', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-common-8.0.30-1.module_el8.6.0+3340+d764b636', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-devel-8.0.30-1.module_el8.6.0+3340+d764b636', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-devel-8.0.30-1.module_el8.6.0+3340+d764b636', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-errmsg-8.0.30-1.module_el8.6.0+3340+d764b636', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-errmsg-8.0.30-1.module_el8.6.0+3340+d764b636', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-libs-8.0.30-1.module_el8.6.0+3340+d764b636', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-libs-8.0.30-1.module_el8.6.0+3340+d764b636', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-server-8.0.30-1.module_el8.6.0+3340+d764b636', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-server-8.0.30-1.module_el8.6.0+3340+d764b636', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-test-8.0.30-1.module_el8.6.0+3340+d764b636', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-test-8.0.30-1.module_el8.6.0+3340+d764b636', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}
]
};
var flag = 0;
var appstreams_found = 0;
foreach var module (keys(appstreams)) {
var appstream = NULL;
var appstream_name = NULL;
var appstream_version = NULL;
var appstream_split = split(module, sep:':', keep:FALSE);
if (!empty_or_null(appstream_split)) {
appstream_name = appstream_split[0];
appstream_version = appstream_split[1];
if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/AlmaLinux/appstream/' + appstream_name);
}
if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {
appstreams_found++;
foreach var package_array ( appstreams[module] ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = 'Alma-' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
}
}
if (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module mysql:8.0');
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'mecab / mecab-ipadic / mecab-ipadic-EUCJP / mysql / mysql-common / etc');
}
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2478
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2479
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2481
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35546
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35575
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35577
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35591
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35596
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35597
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35602
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35604
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35607
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35608
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35610
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35612
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35622
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35623
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35624
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35625
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35626
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35627
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35628
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35630
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35631
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35632
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35633
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35634
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35635
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35636
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35637
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35638
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35639
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35640
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35641
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35642
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35643
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35644
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35645
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35646
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35647
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35648
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21245
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21249
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21253
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21254
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21256
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21264
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21265
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21270
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21278
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21297
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21301
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21302
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21303
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21304
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21339
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21342
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21344
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21348
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21351
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21352
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21358
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21362
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21367
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21368
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21370
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21372
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21374
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21378
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21379
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21412
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21413
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21414
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21415
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21417
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21418
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21423
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21425
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21427
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21435
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21436
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21437
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21438
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21440
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21444
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21451
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21452
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21454
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21457
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21459
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21460
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21462
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21478
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21479
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21509
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21515
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21517
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21522
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21525
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21526
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21527
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21528
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21529
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21530
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21531
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21534
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21537
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21538
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21539
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21547
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21553
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21569
errata.almalinux.org/8/ALSA-2022-7119.html
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:N/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
AI Score
Confidence
High
EPSS
Percentile
69.5%