VDB
CVE-2022-21427
CVE-2022-21427
PUBLISHED
CVSS 6.900000095367432 MEDIUM
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
EPSS 0.07% · 22.2th percentile
Risk Scores
CVSS 4.0
6.900000095367432
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.07%
22.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | mariadb | 10.3.0, 10.4.0, 10.5.0 |
| Bitnami | mariadb | 10.3.0, 10.4.0, 10.5.0 |
| Bitnami | mariadb-min | 10.4.0, 10.5.0, 10.3.0 |
| Bitnami | mysql-client | 10.5.0, 0, 10.3.0 |
| Bitnami | mariadb-min | 10.5.0, 0, 0 |
| Bitnami | mysql-client | 10.3.0, 10.4.0, 10.5.0 |
Timeline
- CVE Published
- Apr 20, 2022 EPSS Score
- Jun 9, 2022 EPSS Score
- Jul 30, 2022 EPSS Score
- Sep 18, 2022 EPSS Score
- Nov 7, 2022 EPSS Score
- Dec 27, 2022 EPSS Score
- Feb 15, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 6, 2023 EPSS Score
- May 26, 2023 EPSS Score
- Jul 15, 2023 EPSS Score