CVE-2022-21344 in MySQL Server
Summary
by MITRE • 01/19/2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Analysis
by VulDB Data Team • 05/17/2025
The vulnerability identified as CVE-2022-21344 represents a critical availability threat within Oracle MySQL Server's replication functionality, specifically affecting versions 5.7.36 and earlier, as well as 8.0.27 and prior releases. This flaw exists within the Server: Replication component of the MySQL ecosystem and demonstrates how replication mechanisms can be exploited to disrupt service availability. The vulnerability's classification as easily exploitable indicates that attackers with high privileges and network access can leverage this weakness through multiple protocols to compromise the target system, making it particularly dangerous in environments where replication is actively utilized for data synchronization and high availability configurations.
The technical nature of this vulnerability manifests as a condition that allows attackers to cause complete denial of service through either hanging or repeatedly crashing the MySQL Server process. This type of vulnerability falls under the Common Weakness Enumeration category of insufficient error handling or inadequate input validation, specifically related to replication protocols and server stability mechanisms. The CVSS 3.1 scoring system assigns this vulnerability a base score of 4.9 with a high availability impact, reflecting the potential for complete service disruption that can affect database operations, application availability, and overall system reliability. The attack vector requires network access and high privileges, suggesting that the exploit likely targets internal network communications or compromised administrative accounts rather than external reconnaissance.
From an operational impact perspective, successful exploitation of CVE-2022-21344 can result in significant business disruption as MySQL Server instances become unavailable for legitimate database operations. The vulnerability's potential to cause frequent crashes or hangs means that database services may experience repeated downtime, affecting applications that depend on consistent database access. This type of availability attack aligns with the ATT&CK framework's privilege escalation and denial of service tactics, where attackers leverage existing access to create persistent service interruptions. Organizations running MySQL replication setups are particularly vulnerable since the flaw directly impacts the core replication functionality that maintains data consistency across multiple database instances.
Mitigation strategies for this vulnerability should focus on immediate patching of affected MySQL versions, with the implementation of network segmentation to limit access to replication protocols, and enhanced monitoring of database server stability and replication status. Organizations should consider implementing access controls that restrict high-privilege network access and establish robust incident response procedures for detecting and responding to replication-related service disruptions. The vulnerability's classification as a high-privilege requirement suggests that proper access control and principle of least privilege implementations can significantly reduce the attack surface. Additionally, implementing database activity monitoring and anomaly detection systems can help identify potential exploitation attempts before they cause complete service outages, aligning with defensive strategies outlined in various cybersecurity frameworks including NIST SP 800-53 and ISO 27001 standards for database security management.