CVE-2022-21555

Name of the Vulnerable Software and Affected Versions MySQL Shell for VS Code versions 1.1.8 and prior

Description The issue is related to insecure privilege management in the MySQL Shell for VS Code component. It allows an attacker to gain read, modify, or delete access to data. The vulnerability can be exploited by a high-privileged attacker with logon access to the infrastructure where MySQL Shell for VS Code is executed. Successful attacks require human interaction from a person other than the attacker and may significantly impact additional products. Attacks can result in unauthorized update, insert, or delete access to some MySQL Shell for VS Code accessible data, as well as unauthorized read access to a subset of MySQL Shell for VS Code accessible data.

Recommendations For versions 1.1.8 and prior, update to a version that addresses the insecure privilege management issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.