China National Vulnerability DatabaseCNVD-2022-18215Oracle MySQL Cluster Input Validation Error Vulnerability (CNVD-2022-18215)
6.3 Medium
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
4 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:H/Au:S/C:P/I:P/A:P
MySQL Cluster is a write-scalable, real-time, ACID-compliant transactional database designed to guarantee 99.999% availability.Oracle MySQL Cluster is vulnerable to an input validation error that stems from a lack of proper validation of user-supplied data, which can be exploited by an attacker to execute code in the context of a service account.
| CPE | Name | Operator | Version |
|---|---|---|---|
| oracle mysql cluster | le | 7.4.33 | |
| oracle mysql cluster | le | 7.5.23 | |
| oracle mysql cluster | le | 7.6.19 | |
| oracle mysql cluster | le | 8.0.26 |
Related
6.3 Medium
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
4 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:H/Au:S/C:P/I:P/A:P