CVE-2022-21519: 
MySQL Cluster vulnerability analysis and mitigation

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). The vulnerability affects versions 8.0.29 and prior. This is a difficult to exploit vulnerability that allows unauthenticated attackers with network access via multiple protocols to compromise MySQL Cluster (Oracle CPU Jul2022).

The vulnerability has been assigned a CVSS 3.1 Base Score of 5.9 (Medium) with the vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H. The scoring indicates that while the vulnerability is network-accessible, it requires high attack complexity and no privileges or user interaction. The impact is limited to availability, with no direct impact on confidentiality or integrity (Oracle CPU Jul2022).

Successful exploitation of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Cluster. The impact is primarily focused on system availability, potentially leading to service disruptions (Oracle CPU Jul2022, NetApp Advisory).

Oracle has released patches to address this vulnerability in their July 2022 Critical Patch Update. Users are strongly recommended to update to patched versions. For affected NetApp products, patches have been made available through their support website, including updates for Active IQ Unified Manager, OnCommand Insight, OnCommand Workflow Automation, and SnapCenter (NetApp Advisory).