Improper Authorization
CVE-2022-21316
Summary
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.x prior to 7.4.34, 7.5.x prior to 7.5.24, 7.6.x prior to 7.6.20, and 8.0.x prior to 8.0.27. Difficult-to-exploit vulnerability allows high privileged attackers to log on into the infrastructure where MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in a takeover of MySQL Cluster.
- HIGH
- LOCAL
- HIGH
- UNCHANGED
- REQUIRED
- HIGH
- HIGH
- HIGH
CWE-285 - Improper Authorization
The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
References
Advisory Timeline
- Published