CVE-2022-21245 in MySQL Server
Summary
by MITRE • 01/19/2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Analysis
by VulDB Data Team • 05/17/2025
The vulnerability identified as CVE-2022-21245 represents a significant security flaw within Oracle MySQL Server that affects multiple version ranges including 5.7.36 and earlier, as well as 8.0.27 and prior releases. This weakness resides within the Server: Security: Privileges component of the MySQL database system, making it particularly concerning for organizations that rely heavily on database security controls. The vulnerability's classification as easily exploitable indicates that attackers with minimal privileges and network access can potentially leverage this flaw to compromise database integrity.
The technical nature of this vulnerability stems from insufficient privilege checks within the MySQL Server implementation, allowing attackers with low privileges to execute unauthorized operations against database resources. Specifically, successful exploitation enables attackers to perform unauthorized update, insert, or delete operations on certain data accessible through the MySQL Server. This represents a direct violation of the principle of least privilege and undermines the fundamental security model that database systems are designed to enforce. The vulnerability's CVSS 3.1 base score of 4.3 reflects its moderate severity, with integrity impacts being the primary concern, though it does not directly affect confidentiality or availability aspects of the system.
The operational impact of this vulnerability extends beyond simple data manipulation, as it creates potential pathways for more sophisticated attacks that could lead to data corruption, unauthorized data access, or even privilege escalation within the database environment. Attackers exploiting this vulnerability can compromise sensitive information stored within MySQL databases without requiring elevated privileges, making it particularly dangerous in environments where database access controls are not properly enforced. The fact that this vulnerability can be exploited via multiple protocols increases its attack surface and makes it more challenging to defend against, as organizations must secure various network entry points rather than focusing on a single attack vector.
Organizations affected by this vulnerability should prioritize immediate patching of their MySQL Server installations to the latest supported versions that contain the necessary security fixes. The mitigation strategy should also include comprehensive network segmentation to limit access to database servers, implementation of strict access controls, and regular monitoring of database activities for suspicious operations. Additionally, security teams should review and validate existing privilege assignments to ensure that users have only the minimum necessary permissions for their operational requirements. This vulnerability aligns with CWE-284 (Improper Access Control) and may be categorized under ATT&CK techniques related to privilege escalation and data manipulation. Organizations should also consider implementing database activity monitoring solutions to detect potential exploitation attempts and maintain detailed audit trails of database operations to facilitate incident response efforts.