CVE-2022-21478: 
MySQL vulnerability analysis and mitigation

CVE-2022-21478 is a vulnerability in the MySQL Server product of Oracle MySQL, specifically affecting the Server: Optimizer component. The vulnerability affects MySQL versions 8.0.28 and prior. It is an easily exploitable vulnerability that allows high privileged attackers with network access via multiple protocols to compromise MySQL Server (NVD).

The vulnerability has been assigned a CVSS 3.1 Base Score of 5.5 (Medium severity) with the following vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H. This indicates that the vulnerability requires network access and high privileges to exploit, but has no confidentiality impact, low integrity impact, and high availability impact (Oracle Advisory).

Successful exploitation of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. Additionally, it can lead to unauthorized update, insert or delete access to some of MySQL Server accessible data (NVD).

Oracle has released patches to address this vulnerability in their Critical Patch Update. Users are strongly recommended to update to versions newer than MySQL 8.0.28. For systems that cannot be immediately updated, network access restrictions and privilege limitations should be implemented to reduce the risk of exploitation (Oracle Advisory, NetApp Advisory).