CVE-2022-21374 in MySQL Server
Summary
by MITRE • 01/19/2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 05/17/2025
The vulnerability identified as CVE-2022-21374 resides within the MySQL Server component known as Server: Information Schema, affecting MySQL versions 8.0.27 and earlier. This represents a significant security concern for database administrators and system operators who rely on Oracle MySQL for critical data operations. The vulnerability operates within the information schema subsystem, which serves as a metadata repository for database objects and provides information about the database structure, tables, columns, and other system components. The flaw manifests in how the server processes certain information schema queries, creating an exploitable condition that can be leveraged by malicious actors.
The technical nature of this vulnerability stems from insufficient input validation and error handling within the information schema processing logic. Attackers with high privileged access and network connectivity can craft specific queries that trigger memory corruption or resource exhaustion conditions within the MySQL server process. This exploitation mechanism allows for the deliberate manipulation of the server's internal state through carefully constructed information schema requests that bypass normal validation checks. The vulnerability's classification as easily exploitable indicates that the attack vector requires minimal complexity to execute successfully, making it particularly dangerous in environments where privileged network access is possible. The CVSS score of 4.9 reflects the availability impact, specifically the potential for complete denial of service through server hangs or repeated crashes.
The operational impact of this vulnerability extends beyond simple service disruption to potentially compromise entire database operations and business continuity. When successfully exploited, the vulnerability can cause MySQL Server to enter a state of continuous hanging or frequent crashes, effectively rendering the database service unavailable to legitimate users and applications. This type of denial of service attack can have cascading effects throughout enterprise systems that depend on MySQL for data persistence and transaction processing. The complete DOS condition means that database services may require manual intervention and restart to restore normal operations, leading to significant downtime and potential data integrity concerns during recovery processes.
Organizations should prioritize immediate patching of affected MySQL installations to address this vulnerability, as the affected versions 8.0.27 and prior contain the exploitable flaw. The recommended mitigation strategy involves upgrading to MySQL Server version 8.0.28 or later, which contains the necessary security fixes. Additionally, network segmentation and access control measures should be implemented to limit privileged network access to MySQL servers, reducing the attack surface for potential exploitation. Security monitoring should be enhanced to detect unusual information schema query patterns that might indicate exploitation attempts. From a compliance perspective, this vulnerability aligns with CWE-121, which addresses buffer overflow conditions, and may relate to ATT&CK techniques involving service stoppage and denial of service attacks. System administrators should also consider implementing database activity monitoring solutions that can detect and alert on anomalous information schema queries that could indicate exploitation attempts.