CVE-2022-21332 in MySQL Clusterinfo

Summary

by MITRE • 01/19/2022

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 01/24/2022

The vulnerability identified as CVE-2022-21332 represents a significant security flaw within Oracle MySQL Cluster components, specifically affecting versions through 7.4.34, 7.5.24, 7.6.20, and 8.0.27. This issue falls under the CWE-284 access control weakness category, where improper access control mechanisms allow unauthorized parties to gain elevated privileges within the cluster environment. The vulnerability operates at the network layer, requiring an attacker to possess physical access to the communication segment connected to the MySQL Cluster hardware, which aligns with the CVSS vector indicating attack vector as adjacent network (AV:A) with high complexity (AC:H) and high privilege requirements (PR:H).

The technical implementation of this vulnerability stems from insufficient validation mechanisms within the MySQL Cluster's communication protocols, allowing malicious actors to manipulate cluster operations through carefully crafted network traffic. The requirement for human interaction suggests that while the attacker needs physical network access, additional user actions are necessary to complete the exploitation process, making it somewhat more difficult to automate. This characteristic places the vulnerability in the context of attack techniques described in the MITRE ATT&CK framework under initial access and privilege escalation domains, where adversaries must establish a foothold before achieving their objectives.

Operational impacts of successful exploitation can be devastating, potentially leading to complete compromise of the MySQL Cluster environment. The CVSS score of 6.3 indicates high severity across all three confidentiality, integrity, and availability impacts, meaning attackers could access sensitive data, modify database contents, and disrupt cluster operations entirely. This vulnerability directly threatens the foundational data integrity and availability that organizations rely upon for their database infrastructure, potentially affecting critical business operations and regulatory compliance requirements.

Organizations must implement comprehensive mitigation strategies addressing both the immediate technical fix and broader network security measures. The primary recommendation involves upgrading to patched versions of MySQL Cluster, which addresses the core access control flaws. Additionally, network segmentation should be implemented to isolate MySQL Cluster environments from general network traffic, reducing the attack surface for physical access-based exploitation. Network monitoring solutions should be deployed to detect anomalous communication patterns that might indicate exploitation attempts, while access controls should be strengthened to ensure only authorized personnel can interact with cluster management interfaces. These measures align with defense-in-depth principles and help reduce the risk of successful exploitation through physical network access, particularly when combined with proper network access control and monitoring capabilities.

Responsible

Oracle

Reservation

11/15/2021

Disclosure

01/19/2022

Moderation

accepted

CPE

ready

EPSS

0.02621

KEV

no

Activities

very low

Sources

Do you want to use VulDB in your project?

Use the official API to access entries easily!