cvelist/2022/21xxx/CVE-2022-21363.json

    {
        "data_type": "CVE",
        "data_format": "MITRE",
        "data_version": "4.0",
        "CVE_data_meta": {
            "ASSIGNER": "secalert_us@oracle.com",
            "ID": "CVE-2022-21363"
        },
        "affects": {
            "vendor": {
                "vendor_data": [
                    {
                        "product": {
                            "product_data": [
                                {
                                    "product_name": "MySQL Connectors",
                                    "version": {
                                        "version_data": [
                                            {
                                                "version_value": "8.0.27 and prior",
                                                "version_affected": "="
                                            }
                                        ]
                                    }
                                }
                            ]
                        },
                        "vendor_name": "Oracle Corporation"
                    }
                ]
            }
        },
        "description": {
            "description_data": [
                {
                    "lang": "eng",
                    "value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J).  Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)."
                }
            ]
        },
        "impact": {
            "cvss": {
                "baseScore": "6.6",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
            }
        },
        "problemtype": {
            "problemtype_data": [
                {
                    "description": [
                        {
                            "lang": "eng",
                            "value": "Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks of this vulnerability can result in takeover of MySQL Connectors."
                        }
                    ]
                }
            ]
        },
        "references": {
            "reference_data": [
                {
                    "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
                }
            ]
        }
    }
Oracle 2022 January CPU Committer: Bill Situ <Bill.Situ@oracle.com> On branch cna/Oracle/CPU2022Jan Changes to be committed: modified: 2020/14xxx/CVE-2020-14756.json modified: 2020/2xxx/CVE-2020-2934.json modified: 2021/2xxx/CVE-2021-2351.json modified: 2021/35xxx/CVE-2021-35587.json modified: 2021/35xxx/CVE-2021-35683.json modified: 2021/35xxx/CVE-2021-35686.json modified: 2021/35xxx/CVE-2021-35687.json modified: 2022/21xxx/CVE-2022-21242.json modified: 2022/21xxx/CVE-2022-21243.json modified: 2022/21xxx/CVE-2022-21244.json modified: 2022/21xxx/CVE-2022-21245.json modified: 2022/21xxx/CVE-2022-21246.json modified: 2022/21xxx/CVE-2022-21247.json modified: 2022/21xxx/CVE-2022-21248.json modified: 2022/21xxx/CVE-2022-21249.json modified: 2022/21xxx/CVE-2022-21250.json modified: 2022/21xxx/CVE-2022-21251.json modified: 2022/21xxx/CVE-2022-21252.json modified: 2022/21xxx/CVE-2022-21253.json modified: 2022/21xxx/CVE-2022-21254.json modified: 2022/21xxx/CVE-2022-21255.json modified: 2022/21xxx/CVE-2022-21256.json modified: 2022/21xxx/CVE-2022-21257.json modified: 2022/21xxx/CVE-2022-21258.json modified: 2022/21xxx/CVE-2022-21259.json modified: 2022/21xxx/CVE-2022-21260.json modified: 2022/21xxx/CVE-2022-21261.json modified: 2022/21xxx/CVE-2022-21262.json modified: 2022/21xxx/CVE-2022-21263.json modified: 2022/21xxx/CVE-2022-21264.json modified: 2022/21xxx/CVE-2022-21265.json modified: 2022/21xxx/CVE-2022-21266.json modified: 2022/21xxx/CVE-2022-21267.json modified: 2022/21xxx/CVE-2022-21268.json modified: 2022/21xxx/CVE-2022-21269.json modified: 2022/21xxx/CVE-2022-21270.json modified: 2022/21xxx/CVE-2022-21271.json modified: 2022/21xxx/CVE-2022-21272.json modified: 2022/21xxx/CVE-2022-21273.json modified: 2022/21xxx/CVE-2022-21274.json modified: 2022/21xxx/CVE-2022-21275.json modified: 2022/21xxx/CVE-2022-21276.json modified: 2022/21xxx/CVE-2022-21277.json modified: 2022/21xxx/CVE-2022-21278.json modified: 2022/21xxx/CVE-2022-21279.json modified: 2022/21xxx/CVE-2022-21280.json modified: 2022/21xxx/CVE-2022-21281.json modified: 2022/21xxx/CVE-2022-21282.json modified: 2022/21xxx/CVE-2022-21283.json modified: 2022/21xxx/CVE-2022-21284.json modified: 2022/21xxx/CVE-2022-21285.json modified: 2022/21xxx/CVE-2022-21286.json modified: 2022/21xxx/CVE-2022-21287.json modified: 2022/21xxx/CVE-2022-21288.json modified: 2022/21xxx/CVE-2022-21289.json modified: 2022/21xxx/CVE-2022-21290.json modified: 2022/21xxx/CVE-2022-21291.json modified: 2022/21xxx/CVE-2022-21292.json modified: 2022/21xxx/CVE-2022-21293.json modified: 2022/21xxx/CVE-2022-21294.json modified: 2022/21xxx/CVE-2022-21295.json modified: 2022/21xxx/CVE-2022-21296.json modified: 2022/21xxx/CVE-2022-21297.json modified: 2022/21xxx/CVE-2022-21298.json modified: 2022/21xxx/CVE-2022-21299.json modified: 2022/21xxx/CVE-2022-21300.json modified: 2022/21xxx/CVE-2022-21301.json modified: 2022/21xxx/CVE-2022-21302.json modified: 2022/21xxx/CVE-2022-21303.json modified: 2022/21xxx/CVE-2022-21304.json modified: 2022/21xxx/CVE-2022-21305.json modified: 2022/21xxx/CVE-2022-21306.json modified: 2022/21xxx/CVE-2022-21307.json modified: 2022/21xxx/CVE-2022-21308.json modified: 2022/21xxx/CVE-2022-21309.json modified: 2022/21xxx/CVE-2022-21310.json modified: 2022/21xxx/CVE-2022-21311.json modified: 2022/21xxx/CVE-2022-21312.json modified: 2022/21xxx/CVE-2022-21313.json modified: 2022/21xxx/CVE-2022-21314.json modified: 2022/21xxx/CVE-2022-21315.json modified: 2022/21xxx/CVE-2022-21316.json modified: 2022/21xxx/CVE-2022-21317.json modified: 2022/21xxx/CVE-2022-21318.json modified: 2022/21xxx/CVE-2022-21319.json modified: 2022/21xxx/CVE-2022-21320.json modified: 2022/21xxx/CVE-2022-21321.json modified: 2022/21xxx/CVE-2022-21322.json modified: 2022/21xxx/CVE-2022-21323.json modified: 2022/21xxx/CVE-2022-21324.json modified: 2022/21xxx/CVE-2022-21325.json modified: 2022/21xxx/CVE-2022-21326.json modified: 2022/21xxx/CVE-2022-21327.json modified: 2022/21xxx/CVE-2022-21328.json modified: 2022/21xxx/CVE-2022-21329.json modified: 2022/21xxx/CVE-2022-21330.json modified: 2022/21xxx/CVE-2022-21331.json modified: 2022/21xxx/CVE-2022-21332.json modified: 2022/21xxx/CVE-2022-21333.json modified: 2022/21xxx/CVE-2022-21334.json modified: 2022/21xxx/CVE-2022-21335.json modified: 2022/21xxx/CVE-2022-21336.json modified: 2022/21xxx/CVE-2022-21337.json modified: 2022/21xxx/CVE-2022-21338.json modified: 2022/21xxx/CVE-2022-21339.json modified: 2022/21xxx/CVE-2022-21340.json modified: 2022/21xxx/CVE-2022-21341.json modified: 2022/21xxx/CVE-2022-21342.json modified: 2022/21xxx/CVE-2022-21344.json modified: 2022/21xxx/CVE-2022-21345.json modified: 2022/21xxx/CVE-2022-21346.json modified: 2022/21xxx/CVE-2022-21347.json modified: 2022/21xxx/CVE-2022-21348.json modified: 2022/21xxx/CVE-2022-21349.json modified: 2022/21xxx/CVE-2022-21350.json modified: 2022/21xxx/CVE-2022-21351.json modified: 2022/21xxx/CVE-2022-21352.json modified: 2022/21xxx/CVE-2022-21353.json modified: 2022/21xxx/CVE-2022-21354.json modified: 2022/21xxx/CVE-2022-21355.json modified: 2022/21xxx/CVE-2022-21356.json modified: 2022/21xxx/CVE-2022-21357.json modified: 2022/21xxx/CVE-2022-21358.json modified: 2022/21xxx/CVE-2022-21359.json modified: 2022/21xxx/CVE-2022-21360.json modified: 2022/21xxx/CVE-2022-21361.json modified: 2022/21xxx/CVE-2022-21362.json modified: 2022/21xxx/CVE-2022-21363.json modified: 2022/21xxx/CVE-2022-21364.json modified: 2022/21xxx/CVE-2022-21365.json modified: 2022/21xxx/CVE-2022-21366.json modified: 2022/21xxx/CVE-2022-21367.json modified: 2022/21xxx/CVE-2022-21368.json modified: 2022/21xxx/CVE-2022-21369.json modified: 2022/21xxx/CVE-2022-21370.json modified: 2022/21xxx/CVE-2022-21371.json modified: 2022/21xxx/CVE-2022-21372.json modified: 2022/21xxx/CVE-2022-21373.json modified: 2022/21xxx/CVE-2022-21374.json modified: 2022/21xxx/CVE-2022-21375.json modified: 2022/21xxx/CVE-2022-21376.json modified: 2022/21xxx/CVE-2022-21377.json modified: 2022/21xxx/CVE-2022-21378.json modified: 2022/21xxx/CVE-2022-21379.json modified: 2022/21xxx/CVE-2022-21380.json modified: 2022/21xxx/CVE-2022-21381.json modified: 2022/21xxx/CVE-2022-21382.json modified: 2022/21xxx/CVE-2022-21383.json modified: 2022/21xxx/CVE-2022-21386.json modified: 2022/21xxx/CVE-2022-21387.json modified: 2022/21xxx/CVE-2022-21388.json modified: 2022/21xxx/CVE-2022-21389.json modified: 2022/21xxx/CVE-2022-21390.json modified: 2022/21xxx/CVE-2022-21391.json modified: 2022/21xxx/CVE-2022-21392.json modified: 2022/21xxx/CVE-2022-21393.json modified: 2022/21xxx/CVE-2022-21394.json modified: 2022/21xxx/CVE-2022-21395.json modified: 2022/21xxx/CVE-2022-21396.json modified: 2022/21xxx/CVE-2022-21397.json modified: 2022/21xxx/CVE-2022-21398.json modified: 2022/21xxx/CVE-2022-21399.json modified: 2022/21xxx/CVE-2022-21400.json modified: 2022/21xxx/CVE-2022-21401.json modified: 2022/21xxx/CVE-2022-21402.json modified: 2022/21xxx/CVE-2022-21403.json 2022-01-18 13:54:33 -08:00			`{`
			`"data_type": "CVE",`
			`"data_format": "MITRE",`
			`"data_version": "4.0",`
			`"CVE_data_meta": {`
			`"ASSIGNER": "secalert_us@oracle.com",`
			`"ID": "CVE-2022-21363"`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "MySQL Connectors",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "8.0.27 and prior",`
			`"version_affected": "="`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name": "Oracle Corporation"`
			`}`
			`]`
			`}`
			`},`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
			"value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)."
			`}`
			`]`
			`},`
			`"impact": {`
			`"cvss": {`
			`"baseScore": "6.6",`
			`"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",`
			`"version": "3.1"`
			`}`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors."`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"url": "https://www.oracle.com/security-alerts/cpujan2022.html"`
			`}`
			`]`
			`}`
			`}`