Vulnerable versions of MySQL Server are 8.0.28 and prior. Note: This issue was previously announced as fixed in 8.0.10, but the fix was reverted in 8.0.28. CVSS 3.0 Base Score 6.5 (Critical severity). CVSS Temporal Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L). Note: Software versions of MySQL 5.5 and earlier are not CVSS v3.0 compliant and are vulnerable to CVSS v3.1 attacks. Vulnerable software versions - 5.5.41 and earlier; 5.6.26 and earlier; 5.7.12 and earlier; 5.8.4 and earlier; 5.9.1 and earlier; 5.10.0 and earlier. Serach for the following string to determine the correct upgrade path for your software version:
Mysql 8.0.28 and Prior - CVSS VULNERABILITY - HIGH CVSS Base Score - 6.5
MySQL 5.5.41 and prior - CVSS VULNERABILITY - MEDIUM CVSS Base Score - 5.9
MySQL 5.6.25 and prior - CVSS VULNERABILITY - MEDIUM CVSS Base Score - 5.9
MySQL 5
MySQL 5.7.12 and prior
MySQL 5.7.12 and prior - CVSS VULNERABILITY - MEDIUM CVSS Base Score - 5.9
MySQL 5.8.4 and prior - CVSS VULNERABILITY - MEDIUM CVSS Base Score - 5.9
MySQL 5.9.1 and prior - CVSS VULNERABILITY - HIGH CVSS Base Score - 6.5
MySQL 5
5.9 MySQL 5.9 and prior are not vulnerable to CVE-2022-21607
MySQL 5.7.12 and prior are not vulnerable to CVE-2022-21607
MySQL 5.8.4 and prior are not vulnerable to CVE-2022-21607
MySQL 5.10.0 is not vulnerable to CVE-2022-21607
Software Description:
MySQL is a widely used open-source relational database management system (RDBMS) that provides data storage and retrieval services.
CVE-2022-21803
Vulnerable versions of MySQL Server are 8.0.18 and prior. CVSS 3.0 Base Score 6.5 (Critical severity). CVSS Temporal Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L). Note: Software versions of MySQL 5.5 and earlier are not CVSS v3.0 compliant and are vulnerable to CVSS v3.1 attacks. Vulnerable software versions - 5.5.41 and earlier; 5.6.26 and earlier; 5.7.12 and earlier; 5.8.4 and earlier; 5 .9 .1 and earlier; 5 .10 .0 and earlier
Timeline
Published on: 10/18/2022 21:15:00 UTC
Last modified on: 10/18/2022 21:18:00 UTC