CVE-2022-39402
Summary
| CVE | CVE-2022-39402 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-10-18 21:15:00 UTC |
| Updated | 2022-10-20 05:23:00 UTC |
| Description | Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Shell executes to compromise MySQL Shell. While the vulnerability is in MySQL Shell, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Shell accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N). |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Oracle Critical Patch Update Advisory - October 2022 | MISC | www.oracle.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 690971 Free Berkeley Software Distribution (FreeBSD) Security Update for mysql (4b9c1c17-587c-11ed-856e-d4c9ef517024)
- 904275 Common Base Linux Mariner (CBL-Mariner) Security Update for mysql (11260)
- 904299 Common Base Linux Mariner (CBL-Mariner) Security Update for mysql (11216)
- 904398 Common Base Linux Mariner (CBL-Mariner) Security Update for mysql (11216-1)
- 904555 Common Base Linux Mariner (CBL-Mariner) Security Update for mysql (11260-1)