CVE-2022-21589 in MySQL Serverinfo

Summary

by MITRE • 10/19/2022

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 5.7.39 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Analysis

by VulDB Data Team • 04/24/2026

The vulnerability identified as CVE-2022-21589 represents a significant security weakness within Oracle MySQL Server that affects multiple version ranges including 5.7.39 and earlier releases, as well as 8.0.16 and prior versions. This flaw resides within the Server: Security: Privileges component of the MySQL ecosystem, making it particularly concerning for database administrators who rely on proper privilege management for data protection. The vulnerability's classification as easily exploitable indicates that attackers with minimal technical expertise and network access can potentially leverage this weakness to compromise database systems. The CVSS 3.1 scoring system assigns a base score of 4.3, which reflects a medium severity level with specific emphasis on confidentiality impacts, while the vector notation AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N clearly delineates the attack characteristics including network accessibility, low attack complexity, low privilege requirements, and lack of user interaction.

The technical nature of this vulnerability stems from improper privilege validation mechanisms within the MySQL Server that fail to adequately enforce access controls for specific database operations. Attackers with low privileged accounts can exploit this weakness to gain unauthorized read access to a subset of data within the MySQL Server environment. This particular flaw does not provide write or delete capabilities, but the ability to read sensitive data represents a substantial risk to data confidentiality. The vulnerability affects multiple network protocols, meaning that attackers can potentially exploit it through various communication channels that MySQL supports, including TCP/IP connections and other network interfaces. This multi-protocol accessibility significantly increases the attack surface and makes the vulnerability more difficult to defend against through network segmentation alone.

The operational impact of CVE-2022-21589 extends beyond simple data theft, as it can lead to comprehensive information disclosure that may expose sensitive business data, personal information, or proprietary database content. Organizations running affected MySQL versions face potential compliance violations, especially in regulated environments where data protection requirements mandate strict access controls and audit trails. The vulnerability's ability to affect both MySQL 5.7 and 8.0 version streams means that enterprises with mixed database environments must carefully assess their entire infrastructure for exposure. Security professionals should note that this vulnerability aligns with CWE-284, which describes improper access control mechanisms, and represents a classic example of privilege escalation or bypass issues within database systems. The attack vector characteristics make this particularly dangerous in environments where database administrators have not implemented proper network segmentation or where default configurations leave systems vulnerable to external access.

Organizations should prioritize immediate remediation of this vulnerability through official Oracle patches and updates, as the low privilege requirements and network accessibility make this attack vector particularly attractive to threat actors. The recommended mitigation strategy includes applying the latest security patches from Oracle, implementing network-level controls such as firewall rules to restrict MySQL service access, and conducting comprehensive audits of database user privileges to ensure that least-privilege principles are properly enforced. Database administrators should also consider implementing additional monitoring solutions to detect anomalous access patterns that might indicate exploitation attempts. The vulnerability's classification within the ATT&CK framework would likely map to techniques involving privilege escalation and credential access, making it a significant concern for organizations that follow adversarial threat modeling approaches. Regular vulnerability assessments and penetration testing should include verification of MySQL server configurations to ensure that this specific vulnerability has been properly addressed and that no other similar privilege-related issues exist within the database infrastructure.

Responsible

Oracle

Reservation

11/15/2021

Disclosure

10/19/2022

Moderation

accepted

CPE

ready

EPSS

0.00911

KEV

no

Activities

low

Sources

Do you need the next level of professionalism?

Upgrade your account now!