CVE-2022-21413: 
MySQL vulnerability analysis and mitigation

CVE-2022-21413 is a vulnerability in MySQL Server that affects the Data Manipulation Language (DML) component. The vulnerability was disclosed in Oracle's Critical Patch Update of April 2022. It affects MySQL Server versions 5.7.37 and prior, and 8.0.28 and prior. This vulnerability allows high privileged attackers with network access to compromise MySQL Server through multiple protocols (NVD, Oracle CPU).

The vulnerability has been assigned a CVSS v3.1 base score of 4.9 (Medium), with the vector string AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H. This indicates that the vulnerability requires network access and high privileges to exploit, but requires no user interaction. The attack complexity is low, and successful exploitation could result in high impact to availability (Security Advisory).

Successful exploitation of this vulnerability could allow an attacker to compromise MySQL Server's availability. The vulnerability specifically affects the DML (Data Manipulation Language) component, which could potentially impact database operations (Oracle CPU, Red Hat).

Oracle has released patches to address this vulnerability in their April 2022 Critical Patch Update. Users should upgrade to MySQL version 8.0.29 or later. For systems running MySQL 5.7, users should upgrade to version 5.7.38 or later. Organizations are strongly recommended to apply these security patches as soon as possible (Ubuntu Notice).