CVE-2022-21363

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*

History

27 May 2022, 14:50

Type Values Removed Values Added
First Time Quarkus
Quarkus quarkus
CPE cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*

27 Apr 2022, 15:26

Type Values Removed Values Added
CPE cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*
First Time Oracle mysql Connectors

24 Jan 2022, 20:03

Type Values Removed Values Added
CWE NVD-CWE-noinfo
CVSS v2 : unknown
v3 : 6.6
v2 : 6.0
v3 : 6.6
First Time Oracle
Oracle mysql
CPE cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
References (MISC) https://www.oracle.com/security-alerts/cpujan2022.html - (MISC) https://www.oracle.com/security-alerts/cpujan2022.html - Vendor Advisory

19 Jan 2022, 12:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-01-19 12:15

Updated : 2023-12-10 14:09


NVD link : CVE-2022-21363

Mitre link : CVE-2022-21363

CVE.ORG link : CVE-2022-21363


JSON object : View

Products Affected

oracle

  • mysql_connectors

quarkus

  • quarkus