Improper Authorization
CVE-2022-21600
Summary
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are through 8.0.27. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in the takeover of MySQL Server.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- HIGH
- HIGH
- HIGH
CWE-285 - Improper Authorization
The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
References
Advisory Timeline
- Published