How severe is CVE-2021-35592?

Medium severity. CVSS v3 base score is 6.3 out of 10.

Is CVE-2021-35592 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Oracle Corporation Mysql Cluster

CVE-2021-35592

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.5.23 and prior, 7.6.19 and prior and 8.0.26 and prior. Difficult to exploit vulnerability allows high priv…

EPSS: 0.514 (98.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.3 (Medium). Vector: CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H.

Affected products

Oracle Corporation Mysql Cluster — versions 7.5.23 and prior, 7.6.19 and prior, 8.0.26 and prior

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

www.oracle.com/security-alerts/cpuoct2021.html (x_refsource_MISC)
www.zerodayinitiative.com/advisories/ZDI-21-1228/ (x_refsource_MISC)
security.netapp.com/advisory/ntap-20211022-0003/ (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2021-35592?: CVE-2021-35592 is a medium-severity vulnerability in Oracle Corporation Mysql Cluster. CVSS score: 6.3/10. Published 2021-10-20.
How severe is CVE-2021-35592?: Medium severity. CVSS v3 base score is 6.3 out of 10.
Is CVE-2021-35592 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.