CVE-2022-21313

Name of the Vulnerable Software and Affected Versions MySQL Cluster versions 7.6.20 and prior MySQL Cluster versions 8.0.27 and prior

Description The issue is related to a buffer read overflow in memory when processing data nodes, allowing a highly privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker and can result in unauthorized read access to a subset of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service of MySQL Cluster.

Recommendations For MySQL Cluster versions 7.6.20 and prior, update to a version later than 7.6.20 to resolve the issue. For MySQL Cluster versions 8.0.27 and prior, update to a version later than 8.0.27 to resolve the issue. As a temporary workaround, consider restricting access to the physical communication segment attached to the hardware where the MySQL Cluster executes to minimize the risk of exploitation.