CVE-2022-21457: 
MySQL vulnerability analysis and mitigation

CVE-2022-21457 is a vulnerability affecting MySQL Server versions 8.0.28 and prior. This vulnerability allows unauthenticated attackers with network access via multiple protocols to compromise MySQL Server, specifically through the PAM Auth Plugin component (NVD, Oracle CPU).

The vulnerability has been assigned a CVSS v3.1 base score of 5.9 (Medium) with the vector string CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N. The vulnerability specifically affects the PAM Auth Plugin component of MySQL Server and requires network access for exploitation (NetApp Advisory).

Successful exploitation of this vulnerability could allow an unauthenticated attacker to gain unauthorized access to MySQL Server and potentially compromise sensitive data. The vulnerability primarily affects the confidentiality aspect of the system, with potential for high impact on data confidentiality (NetApp Advisory).

The vulnerability has been addressed in MySQL version 8.0.29. Organizations running affected versions should upgrade to this or later versions. For Ubuntu systems, updates are available through MySQL 8.0.29-0ubuntu0.22.04.1 for Ubuntu 22.04 LTS and equivalent versions for other Ubuntu releases (Ubuntu Notice).