CVE-2022-21427: 
MySQL vulnerability analysis and mitigation

A vulnerability (CVE-2022-21427) was identified in the MySQL Server product of Oracle MySQL, specifically affecting the Server: FTS component. The vulnerability impacts MySQL versions 5.7.37 and prior, as well as 8.0.28 and prior. This security flaw was disclosed in April 2022 as part of Oracle's Critical Patch Update (Oracle CPU).

The vulnerability is characterized as easily exploitable and requires a high-privileged attacker with network access via multiple protocols to compromise MySQL Server. The vulnerability has been assigned a CVSS 3.1 Base Score of 4.9 (Medium severity) with the following vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H, indicating network accessibility, low attack complexity, high privileges required, and high impact on availability (NVD).

Successful exploitation of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash, leading to a complete denial of service (DoS) of MySQL Server. The vulnerability specifically impacts the availability of the system while not affecting confidentiality or integrity (Oracle CPU, NetApp Advisory).

Oracle has released patches to address this vulnerability in their April 2022 Critical Patch Update. Users are advised to upgrade to patched versions of MySQL. For MySQL 5.7, versions after 5.7.37 contain the fix, and for MySQL 8.0, versions after 8.0.28 include the necessary security patches (Oracle CPU).