CVE-2022-21535
LowCVSS 2.5Exploitation Probability (EPSS)
Low risk38th percentile — higher than 38% of all known CVEs
Summary
Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: General/Core Client) affects versions 8.0.28 and prior. It allows an unauthenticated attacker with access to the infrastructure where MySQL Shell runs to compromise it, requiring interaction from a person other than the attacker.
Risk Assessment
Successful attacks can lead to unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Shell, potentially impacting service availability in the organization.
Recommendation
It is recommended to update MySQL Shell to the latest version to minimize the risk associated with this vulnerability.
Original NVD description (English source)
Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: General/Core Client). Supported versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Shell executes to compromise MySQL Shell. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Shell. CVSS 3.1 Base Score 2.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).

