CVE-2022-21547: 
MySQL vulnerability analysis and mitigation

CVE-2022-21547 is a vulnerability in the MySQL Server product of Oracle MySQL, specifically affecting the Server: Federated component. The vulnerability affects MySQL Server versions 8.0.29 and prior. This security flaw was discovered and reported to Oracle, who subsequently addressed it in their July 2022 Critical Patch Update (Oracle CPU, NetApp Advisory).

The vulnerability has been assigned a CVSS 3.1 Base Score of 4.9 (Medium severity) with the following vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H. The vulnerability requires a high-privileged attacker with network access via multiple protocols to exploit. The attack complexity is considered low, requiring no user interaction (NVD).

Successful exploitation of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash, leading to a complete Denial of Service (DoS) of MySQL Server. The vulnerability impacts only the availability of the system, with no direct impact on confidentiality or integrity (Oracle CPU).

Oracle has addressed this vulnerability in their July 2022 Critical Patch Update. Users are strongly advised to update to patched versions of MySQL Server. For affected NetApp products, specific patches have been released, including updates for Active IQ Unified Manager, OnCommand Insight, OnCommand Workflow Automation, and SnapCenter (NetApp Advisory).