VDB
CVE-2022-21451
CVE-2022-21451
PUBLISHED
CVSS 6.900000095367432 MEDIUM
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
EPSS 0.23% · 46.4th percentile
Risk Scores
CVSS v4.0
6.900000095367432
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.23%
46.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | mariadb | 0, 0, 10.3.0 |
| Bitnami | mariadb-min | 10.5.0, 10.4.0, 10.3.0 |
| Bitnami | mysql-client | 10.3.0, 10.5.0, 10.4.0 |
| Bitnami | mariadb | 10.5.0, 10.4.0, 10.3.0 |
| Bitnami | mysql-client | 10.3.0, 10.3.0, 10.4.0 |
| Bitnami | mariadb-min | 10.4.0, 0, 10.3.0 |
Timeline
- Apr 19, 2022 CVE Published
- Apr 20, 2022 EPSS Score
- Jun 9, 2022 EPSS Score
- Jul 30, 2022 EPSS Score
- Sep 18, 2022 EPSS Score
- Nov 7, 2022 EPSS Score
- Dec 27, 2022 EPSS Score
- Feb 15, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 6, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 14, 2023 EPSS Score