CVE-2022-21256 in MySQL Server
Summary
by MITRE • 01/19/2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Analysis
by VulDB Data Team • 05/17/2025
The vulnerability identified as CVE-2022-21256 resides within the MySQL Server's Group Replication Plugin component, representing a critical availability threat that affects MySQL 8.0.27 and earlier versions. This flaw manifests as a denial of service condition that can be exploited by attackers with high privileges and network access through multiple protocols. The vulnerability's classification as easily exploitable underscores the significant risk it poses to MySQL deployments, particularly in production environments where database availability is paramount. The attack vector requires minimal complexity to execute, making it particularly dangerous in scenarios where privileged network access might be compromised or where insider threats exist.
The technical nature of this vulnerability involves a flaw within the Group Replication Plugin's handling of certain operations that leads to system instability. When exploited, the vulnerability causes the MySQL Server to either hang indefinitely or experience frequent crashes that result in complete system unavailability. This behavior directly maps to the availability impact category defined in the CVSS scoring system, where the base score of 4.9 reflects the severity of the potential disruption. The vulnerability's impact extends beyond simple service interruption to potentially causing complete system downtime that could affect business continuity and data access operations.
The operational implications of CVE-2022-21256 are substantial for organizations relying on MySQL Group Replication for database clustering and high availability. The vulnerability's ability to cause complete DOS conditions means that database services could become entirely inaccessible to legitimate users and applications. This risk is particularly acute in environments where Group Replication is used for mission-critical applications, as the disruption could cascade through dependent systems and services. The CVSS vector analysis reveals that the attack requires high privileges, suggesting that the vulnerability may be exploited by compromised accounts or insiders with elevated access rights, making it difficult to detect and prevent through standard network security measures.
Organizations should prioritize immediate remediation of this vulnerability through official Oracle patches and updates, as the affected versions represent a significant risk to database availability. The vulnerability's classification under CWE-119, which addresses memory access violations and improper access to memory, indicates that the flaw likely involves improper handling of memory operations within the Group Replication Plugin. Security teams should implement monitoring for unusual network activity patterns and system resource consumption that might indicate exploitation attempts. Additionally, the ATT&CK framework's T1499.004 technique for "Network Denial of Service" is relevant to understanding potential exploitation methods, while the vulnerability's privilege requirements align with T1068 for "Exploitation for Privilege Escalation" in threat modeling contexts. The recommended mitigation strategy involves applying the latest Oracle security patches while maintaining comprehensive network monitoring and access control measures to prevent unauthorized privileged access to MySQL systems.