How severe is CVE-2022-21550?

Medium severity. CVSS v3 base score is 6.3 out of 10.

Is CVE-2022-21550 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Oracle Corporation Mysql Cluster

CVE-2022-21550

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.36 and prior, 7.5.26 and prior, 7.6.22 and prior and and 8.0.29 and prior. Difficult to exploit vulnerab…

EPSS: 0.507 (98.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.3 (Medium). Vector: CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H.

Affected products

Oracle Corporation Mysql Cluster — versions 7.4.36 and prior, 7.5.26 and prior, 7.6.22 and prior

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

www.oracle.com/security-alerts/cpujul2022.html (x_refsource_MISC)
security.netapp.com/advisory/ntap-20220729-0004/ (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2022-21550?: CVE-2022-21550 is a medium-severity vulnerability in Oracle Corporation Mysql Cluster. CVSS score: 6.3/10. Published 2022-07-19.
How severe is CVE-2022-21550?: Medium severity. CVSS v3 base score is 6.3 out of 10.
Is CVE-2022-21550 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.