cbcvebase.
CVE-2022-21589
published 2022-10-18


Priority: P2 (77) · Severity: medium · CVSS 3.1 base score: 4.3
CVSS vector: AV:N / AC:L / PR:L / UI:N / S:U / C:L / I:N / A:N
ITW: listed in VulnCheck KEV (exploited in the wild)
EPSS: 0.91% (55.5th percentile)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 5.7.39 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).

Affected (5 ranges)

Vendor              Product        Version range     Fixed in
debian              mysql-8.0
oracle              mysql          5.7.0 – 5.7.39
oracle              mysql          8.0 – 8.0.16
oracle_corporation  mysql_server
oracle_corporation  mysql_server

Detection & IOCs (extracted from sources)

  • Affected versions: MySQL Server 5.7.39 and prior, and 8.0.16 and prior. Patch targets are 5.7.40 and later, and 8.0.17 and later; the reported server version is the only concrete indicator the sources give, so an inventory of `SELECT VERSION()` output against these ranges is the first check.
  • The attack vector is the network-accessible MySQL protocol and only low privileges are required, so any authenticated account can reach the flaw. Monitor low-privileged accounts for unexpected privilege enumeration or reads of privilege data over the MySQL protocol.
  • The vulnerable component is the Server: Security: Privileges subsystem. Focus audit and general-log review on privilege-related statements (grant enumeration, reads of the mysql.* grant tables and information_schema privilege views) and on access-control checks.
  • MariaDB packages in all tracked Red Hat and OpenStack distributions are reported as not affected by this CVE.
  • Ubuntu 16.04 ESM is mitigated by updating MySQL to version 5.7.40 through the standard system update.
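An added example, not code from the advisory or from Oracle, Debian or Ubuntu, covering the version and monitoring points above: it checks a `SELECT VERSION()` string against the affected ranges stated in the advisory, and runs a triage pass over MySQL general_log lines, attributing each statement to the connecting account by thread id and flagging privilege-related statements from accounts that are not on an allow-list. The general_log line layout, the list of "privilege-related" statements and the sample log lines are this example's own assumptions and constructed data, not indicators published with the CVE.

```python
"""Affected-version check and general_log triage for CVE-2022-21589.

Added example; not from the advisory or any vendor. Assumptions:
  * version strings look like `SELECT VERSION()` output, e.g. "5.7.39-log"
    or "8.0.16-0ubuntu0.18.04.1";
  * general_log lines are "<timestamp>\t<thread id> <command>\t<argument>",
    so a Query can be attributed to the account on that thread's Connect line;
  * the "privilege-related" statement list is a heuristic for the
    "Server: Security: Privileges" component, not a published IOC list.
"""
import re
from typing import Iterable, List, Tuple

# Affected ranges exactly as the advisory states them: 5.7.0-5.7.39 and 8.0-8.0.16.
AFFECTED_RANGES = (
    ((5, 7, 0), (5, 7, 39)),
    ((8, 0, 0), (8, 0, 16)),
)


def parse_version(version: str) -> Tuple[int, int, int]:
    """Return (major, minor, patch), ignoring suffixes like "-log" or "-0ubuntu0.18.04.1"."""
    m = re.match(r"^\s*(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"unrecognised MySQL version string: {version!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_affected(version: str) -> bool:
    """True if the reported server version falls inside an affected range.

    MariaDB uses its own numbering (e.g. 10.6.x) and the sources above state it
    is not affected, so it is excluded before the numeric comparison."""
    if "mariadb" in version.lower():
        return False
    v = parse_version(version)
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)


# One general_log record: timestamp, thread id, command (Connect, Query,
# Init DB, Quit, ...) and an optional tab-separated argument.
LOG_LINE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<tid>\d+)\s+(?P<cmd>\w+(?: \w+)?)(?:\t(?P<arg>.*))?$",
    re.DOTALL,
)

# Statements that enumerate or read privilege data (heuristic; tune per environment).
PRIV_QUERY = re.compile(
    r"^\s*(?:SHOW\s+GRANTS\b|SHOW\s+PRIVILEGES\b"
    r"|SELECT\b.*\bFROM\s+(?:`?mysql`?\.`?(?:user|db|tables_priv|columns_priv"
    r"|procs_priv|proxies_priv|global_grants|role_edges)`?"
    r"|`?information_schema`?\.`?(?:user_privileges|schema_privileges"
    r"|table_privileges|column_privileges)`?)(?!\w))",
    re.IGNORECASE | re.DOTALL,
)


def flag_privilege_queries(lines: Iterable[str], admin_accounts: frozenset) -> List[Tuple[str, str, str]]:
    """Return (timestamp, user, statement) for privilege-related statements issued
    by accounts not in admin_accounts.

    The general log names the user only on the Connect line, so a thread id ->
    user map attributes each Query to the latest Connect on its thread; the
    entry is dropped on Quit because thread ids are reused."""
    thread_user = {}
    hits = []
    for raw in lines:
        m = LOG_LINE.match(raw.rstrip("\n"))
        if not m:
            continue  # continuation of a multi-line statement, or unrelated text
        tid, cmd, arg = m.group("tid"), m.group("cmd"), m.group("arg") or ""
        if cmd == "Connect":
            account = arg.split(" on ", 1)[0]  # "user@host" part of "user@host on db using TCP/IP"
            thread_user[tid] = account.split("@", 1)[0]
        elif cmd == "Quit":
            thread_user.pop(tid, None)
        elif cmd == "Query" and PRIV_QUERY.match(arg):
            user = thread_user.get(tid, "<unknown>")
            if user not in admin_accounts:
                hits.append((m.group("ts"), user, arg.strip()))
    return hits


# Constructed sample general_log excerpt for this example (not a real capture).
SAMPLE_LOG = (
    "2022-10-18T10:00:00.000000Z\t   12 Connect\tapp@10.0.0.5 on appdb using TCP/IP\n"
    "2022-10-18T10:00:00.100000Z\t   12 Query\tSELECT id, name FROM customers WHERE id = 42\n"
    "2022-10-18T10:00:01.000000Z\t   13 Connect\tdba@10.0.0.9 on  using TCP/IP\n"
    "2022-10-18T10:00:01.200000Z\t   13 Query\tSHOW GRANTS FOR 'app'@'%'\n"
    "2022-10-18T10:00:02.000000Z\t   12 Query\tSELECT user, host, authentication_string FROM mysql.user\n"
    "2022-10-18T10:00:02.500000Z\t   12 Query\tSELECT * FROM information_schema.USER_PRIVILEGES\n"
    "2022-10-18T10:00:03.000000Z\t   12 Quit\t\n"
    "2022-10-18T10:00:04.000000Z\t   13 Query\tSHOW PRIVILEGES\n"
)

if __name__ == "__main__":
    for v in ("5.7.39-log", "5.7.40", "8.0.16-0ubuntu0.18.04.1", "8.0.17", "10.6.8-MariaDB"):
        print(f"{v:28} affected={is_affected(v)}")
    for ts, user, stmt in flag_privilege_queries(SAMPLE_LOG.splitlines(), frozenset({"dba"})):
        print(f"{ts} {user}: {stmt}")
```

On the sample, the two reads of mysql.user and information_schema.USER_PRIVILEGES on thread 12 are attributed to `app` and flagged, while the DBA's SHOW GRANTS and SHOW PRIVILEGES on thread 13 are allow-listed. A general log that is not enabled records nothing, so the check only has value where general_log (or an audit plugin producing equivalent records) is switched on before the window of interest.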

CVSS provenance

Source         Version  Score  Severity  Vector
nvd            v3.1     4.3    MEDIUM    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
osv                     4.3    MEDIUM
vulncheck               4.3    MEDIUM
vendor_debian           4.3    LOW
vendor_oracle           4.3    MEDIUM
vendor_redhat           4.3    MEDIUM

All sources agree on the 4.3 base score; Debian assigns a LOW severity to the same score where the others assign MEDIUM.