Vulnerabilities > CVE-2022-21535 - Unspecified vulnerability in Oracle Mysql Shell

CVSS 2.5 - LOW

Attack vector

LOCAL

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

LOW

local

high complexity

oracle

NVD

Published: 2022-07-19

Updated: 2022-07-23

Summary

Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: General/Core Client). Supported versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Shell executes to compromise MySQL Shell. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Shell. CVSS 3.1 Base Score 2.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).

Vulnerable Configurations

Part	Description	Count
Application	Oracle Oracle Mysql Shell - Oracle Mysql Shell 1.0.30 Oracle Mysql Shell 1.0.31 Oracle Mysql Shell 1.1.0 Oracle Mysql Shell 1.1.1 Oracle Mysql Shell 1.1.2 Oracle Mysql Shell 1.1.3 Oracle Mysql Shell 1.1.4 Oracle Mysql Shell 1.1.5 Oracle Mysql Shell 1.1.6 Oracle Mysql Shell 1.1.7 Oracle Mysql Shell 1.1.8 Oracle Mysql Shell 1.2.1 Oracle Mysql Shell 1.2.2 Oracle Mysql Shell 1.3.0 Oracle Mysql Shell 1.3.1 Oracle Mysql Shell 8.0.28	17

References

https://www.oracle.com/security-alerts/cpujul2022.html