Detections
Analytics
RHEL 7 : rh-mysql80-mysql (RHSA-2022:6518)
high Nessus Plugin ID 165092
Language:
Synopsis
The remote Red Hat host is missing one or more security updates.Description
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6518 advisory.MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs.
The following packages have been upgraded to a later upstream version: rh-mysql80-mysql (8.0.30).
(BZ#2076939)
Security Fix(es):
* mysql: Server: DML multiple unspecified vulnerabilities (CVE-2021-2478, CVE-2021-2479, CVE-2021-35591, CVE-2021-35607, CVE-2022-21301, CVE-2022-21413)
* mysql: Server: Optimizer multiple unspecified vulnerabilities (CVE-2021-2481, CVE-2021-35575, CVE-2021-35577, CVE-2021-35610, CVE-2021-35612, CVE-2021-35626, CVE-2021-35627, CVE-2021-35628, CVE-2021-35634, CVE-2021-35635, CVE-2021-35636, CVE-2021-35638, CVE-2021-35641, CVE-2021-35642, CVE-2021-35643, CVE-2021-35644, CVE-2021-35645, CVE-2021-35646, CVE-2021-35647, CVE-2022-21253, CVE-2022-21254, CVE-2022-21264, CVE-2022-21278, CVE-2022-21297, CVE-2022-21339, CVE-2022-21342, CVE-2022-21351, CVE-2022-21370, CVE-2022-21378, CVE-2022-21412, CVE-2022-21414, CVE-2022-21435, CVE-2022-21436, CVE-2022-21437, CVE-2022-21438, CVE-2022-21440, CVE-2022-21452, CVE-2022-21459, CVE-2022-21462, CVE-2022-21478, CVE-2022-21479, CVE-2022-21509, CVE-2022-21525, CVE-2022-21526, CVE-2022-21527, CVE-2022-21528, CVE-2022-21529, CVE-2022-21530, CVE-2022-21531, CVE-2022-21553, CVE-2022-21556, CVE-2022-21569, CVE-2022-21265)
* mysql: Server: Replication multiple unspecified vulnerabilities (CVE-2021-35546, CVE-2022-21344, CVE-2022-21415)
* mysql: Server: Error Handling unspecified vulnerability (CVE-2021-35596)
* mysql: C API unspecified vulnerability (CVE-2021-35597)
* mysql: Server: Options multiple unspecified vulnerabilities (CVE-2021-35602, CVE-2021-35630, CVE-2022-21515)
* mysql: InnoDB multiple unspecified vulnerabilities (CVE-2021-35604, CVE-2022-21302, CVE-2022-21348, CVE-2022-21352, CVE-2022-21417, CVE-2022-21418, CVE-2022-21451, CVE-2022-21517, CVE-2022-21537, CVE-2022-21539, CVE-2022-21423)
* mysql: Server: Group Replication Plugin multiple unspecified vulnerabilities (CVE-2021-35608, CVE-2022-21256, CVE-2022-21379, CVE-2022-21454)
* mysql: Server: Security: Encryption multiple unspecified vulnerabilities (CVE-2021-35622, CVE-2022-21358, CVE-2022-21372, CVE-2022-21538)
* mysql: Server: Security: Privileges multiple unspecified vulnerabilities (CVE-2021-35624, CVE-2022-21245, CVE-2021-35625)
* mysql: Server: GIS unspecified vulnerability (CVE-2021-35631)
* mysql: Server: Data Dictionary unspecified vulnerability (CVE-2021-35632)
* mysql: Server: PS unspecified vulnerability (CVE-2021-35637)
* mysql: Server: Stored Procedure multiple unspecified vulnerabilities (CVE-2021-35639, CVE-2022-21303, CVE-2022-21522, CVE-2022-21534)
* mysql: Server: FTS multiple unspecified vulnerabilities (CVE-2021-35648, CVE-2022-21427)
* mysql: Server: Federated multiple unspecified vulnerabilities (CVE-2022-21270, CVE-2022-21547)
* mysql: Server: Parser unspecified vulnerability (CVE-2022-21304)
* mysql: Server: Information Schema multiple unspecified vulnerabilities (CVE-2022-21362, CVE-2022-21374)
* mysql: Server: Compiling unspecified vulnerability (CVE-2022-21367)
* mysql: Server: Components Services unspecified vulnerability (CVE-2022-21368)
* mysql: Server: DDL multiple unspecified vulnerabilities (CVE-2022-21425, CVE-2022-21444, CVE-2021-35640, CVE-2022-21249)
* mysql: Server: PAM Auth Plugin multiple unspecified vulnerabilities (CVE-2022-21455, CVE-2022-21457)
* mysql: Server: Logging multiple unspecified vulnerabilities (CVE-2022-21460, CVE-2021-35633)
* mysql: Server: Security: Roles unspecified vulnerability (CVE-2021-35623)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
http://www.nessus.org/u?5e010bd0
https://access.redhat.com/errata/RHSA-2022:6518
https://bugzilla.redhat.com/show_bug.cgi?id=2016089
https://bugzilla.redhat.com/show_bug.cgi?id=2016090
https://bugzilla.redhat.com/show_bug.cgi?id=2016091
https://bugzilla.redhat.com/show_bug.cgi?id=2016093
https://bugzilla.redhat.com/show_bug.cgi?id=2016094
https://bugzilla.redhat.com/show_bug.cgi?id=2016095
https://bugzilla.redhat.com/show_bug.cgi?id=2016097
https://bugzilla.redhat.com/show_bug.cgi?id=2016098
https://bugzilla.redhat.com/show_bug.cgi?id=2016099
https://bugzilla.redhat.com/show_bug.cgi?id=2016100
https://bugzilla.redhat.com/show_bug.cgi?id=2016101
https://bugzilla.redhat.com/show_bug.cgi?id=2016104
https://bugzilla.redhat.com/show_bug.cgi?id=2016105
https://bugzilla.redhat.com/show_bug.cgi?id=2016106
https://bugzilla.redhat.com/show_bug.cgi?id=2016107
https://bugzilla.redhat.com/show_bug.cgi?id=2016108
https://bugzilla.redhat.com/show_bug.cgi?id=2016109
https://bugzilla.redhat.com/show_bug.cgi?id=2016110
https://bugzilla.redhat.com/show_bug.cgi?id=2016111
https://bugzilla.redhat.com/show_bug.cgi?id=2016112
https://bugzilla.redhat.com/show_bug.cgi?id=2016113
https://bugzilla.redhat.com/show_bug.cgi?id=2016114
https://bugzilla.redhat.com/show_bug.cgi?id=2016117
https://bugzilla.redhat.com/show_bug.cgi?id=2016118
https://bugzilla.redhat.com/show_bug.cgi?id=2016119
https://bugzilla.redhat.com/show_bug.cgi?id=2016120
https://bugzilla.redhat.com/show_bug.cgi?id=2016121
https://bugzilla.redhat.com/show_bug.cgi?id=2016122
https://bugzilla.redhat.com/show_bug.cgi?id=2016124
https://bugzilla.redhat.com/show_bug.cgi?id=2016126
https://bugzilla.redhat.com/show_bug.cgi?id=2016127
https://bugzilla.redhat.com/show_bug.cgi?id=2016128
https://bugzilla.redhat.com/show_bug.cgi?id=2016129
https://bugzilla.redhat.com/show_bug.cgi?id=2016130
https://bugzilla.redhat.com/show_bug.cgi?id=2016131
https://bugzilla.redhat.com/show_bug.cgi?id=2016132
https://bugzilla.redhat.com/show_bug.cgi?id=2016133
https://bugzilla.redhat.com/show_bug.cgi?id=2016134
https://bugzilla.redhat.com/show_bug.cgi?id=2016135
https://bugzilla.redhat.com/show_bug.cgi?id=2016137
https://bugzilla.redhat.com/show_bug.cgi?id=2016138
https://bugzilla.redhat.com/show_bug.cgi?id=2043620
https://bugzilla.redhat.com/show_bug.cgi?id=2043621
https://bugzilla.redhat.com/show_bug.cgi?id=2043622
https://bugzilla.redhat.com/show_bug.cgi?id=2043623
https://bugzilla.redhat.com/show_bug.cgi?id=2043624
https://bugzilla.redhat.com/show_bug.cgi?id=2043625
https://bugzilla.redhat.com/show_bug.cgi?id=2043626
https://bugzilla.redhat.com/show_bug.cgi?id=2043627
https://bugzilla.redhat.com/show_bug.cgi?id=2043628
https://bugzilla.redhat.com/show_bug.cgi?id=2043629
https://bugzilla.redhat.com/show_bug.cgi?id=2043630
https://bugzilla.redhat.com/show_bug.cgi?id=2043631
https://bugzilla.redhat.com/show_bug.cgi?id=2043632
https://bugzilla.redhat.com/show_bug.cgi?id=2043633
https://bugzilla.redhat.com/show_bug.cgi?id=2043634
https://bugzilla.redhat.com/show_bug.cgi?id=2043635
https://bugzilla.redhat.com/show_bug.cgi?id=2043636
https://bugzilla.redhat.com/show_bug.cgi?id=2043637
https://bugzilla.redhat.com/show_bug.cgi?id=2043638
https://bugzilla.redhat.com/show_bug.cgi?id=2043639
https://bugzilla.redhat.com/show_bug.cgi?id=2043640
https://bugzilla.redhat.com/show_bug.cgi?id=2043641
https://bugzilla.redhat.com/show_bug.cgi?id=2043642
https://bugzilla.redhat.com/show_bug.cgi?id=2043643
https://bugzilla.redhat.com/show_bug.cgi?id=2043644
https://bugzilla.redhat.com/show_bug.cgi?id=2043645
https://bugzilla.redhat.com/show_bug.cgi?id=2043646
https://bugzilla.redhat.com/show_bug.cgi?id=2043647
https://bugzilla.redhat.com/show_bug.cgi?id=2043648
https://bugzilla.redhat.com/show_bug.cgi?id=2076939
https://bugzilla.redhat.com/show_bug.cgi?id=2082636
https://bugzilla.redhat.com/show_bug.cgi?id=2082637
https://bugzilla.redhat.com/show_bug.cgi?id=2082638
https://bugzilla.redhat.com/show_bug.cgi?id=2082639
https://bugzilla.redhat.com/show_bug.cgi?id=2082640
https://bugzilla.redhat.com/show_bug.cgi?id=2082641
https://bugzilla.redhat.com/show_bug.cgi?id=2082642
https://bugzilla.redhat.com/show_bug.cgi?id=2082643
https://bugzilla.redhat.com/show_bug.cgi?id=2082644
https://bugzilla.redhat.com/show_bug.cgi?id=2082645
https://bugzilla.redhat.com/show_bug.cgi?id=2082646
https://bugzilla.redhat.com/show_bug.cgi?id=2082647
https://bugzilla.redhat.com/show_bug.cgi?id=2082648
https://bugzilla.redhat.com/show_bug.cgi?id=2082649
https://bugzilla.redhat.com/show_bug.cgi?id=2082650
https://bugzilla.redhat.com/show_bug.cgi?id=2082651
https://bugzilla.redhat.com/show_bug.cgi?id=2082652
https://bugzilla.redhat.com/show_bug.cgi?id=2082653
https://bugzilla.redhat.com/show_bug.cgi?id=2082654
https://bugzilla.redhat.com/show_bug.cgi?id=2082655
https://bugzilla.redhat.com/show_bug.cgi?id=2082656
https://bugzilla.redhat.com/show_bug.cgi?id=2082657
https://bugzilla.redhat.com/show_bug.cgi?id=2082658
https://bugzilla.redhat.com/show_bug.cgi?id=2082659
https://bugzilla.redhat.com/show_bug.cgi?id=2115282
https://bugzilla.redhat.com/show_bug.cgi?id=2115283
https://bugzilla.redhat.com/show_bug.cgi?id=2115284
https://bugzilla.redhat.com/show_bug.cgi?id=2115285
https://bugzilla.redhat.com/show_bug.cgi?id=2115286
https://bugzilla.redhat.com/show_bug.cgi?id=2115287
https://bugzilla.redhat.com/show_bug.cgi?id=2115288
https://bugzilla.redhat.com/show_bug.cgi?id=2115289
https://bugzilla.redhat.com/show_bug.cgi?id=2115290
https://bugzilla.redhat.com/show_bug.cgi?id=2115291
https://bugzilla.redhat.com/show_bug.cgi?id=2115292
https://bugzilla.redhat.com/show_bug.cgi?id=2115293
https://bugzilla.redhat.com/show_bug.cgi?id=2115294
https://bugzilla.redhat.com/show_bug.cgi?id=2115295
https://bugzilla.redhat.com/show_bug.cgi?id=2115296
https://bugzilla.redhat.com/show_bug.cgi?id=2115297
https://bugzilla.redhat.com/show_bug.cgi?id=2115298
https://bugzilla.redhat.com/show_bug.cgi?id=2115299
https://bugzilla.redhat.com/show_bug.cgi?id=2115300
https://bugzilla.redhat.com/show_bug.cgi?id=2115301
https://access.redhat.com/security/updates/classification/#moderate
Plugin Details
Severity: High
ID: 165092
File Name: redhat-RHSA-2022-6518.nasl
Version: 1.7
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 9/14/2022
Updated: 11/7/2024
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
Vendor
Vendor Severity: Moderate
CVSS v2
Risk Factor: Medium
Base Score: 6.5
Temporal Score: 4.8
Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSS Score Source: CVE-2022-21368
CVSS v3
Risk Factor: High
Base Score: 7.2
Temporal Score: 6.3
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CVSS Score Source: CVE-2022-21600
Vulnerability Information
CPE: p-cpe:/a:redhat:enterprise_linux:rh-mysql80-mysql-errmsg, p-cpe:/a:redhat:enterprise_linux:rh-mysql80-mysql-server-syspaths, p-cpe:/a:redhat:enterprise_linux:rh-mysql80-mysql-test, p-cpe:/a:redhat:enterprise_linux:rh-mysql80-mysql-config-syspaths, p-cpe:/a:redhat:enterprise_linux:rh-mysql80-mysql-syspaths, cpe:/o:redhat:enterprise_linux:7, p-cpe:/a:redhat:enterprise_linux:rh-mysql80-mysql-devel, p-cpe:/a:redhat:enterprise_linux:rh-mysql80-mysql, p-cpe:/a:redhat:enterprise_linux:rh-mysql80-mysql-server, p-cpe:/a:redhat:enterprise_linux:rh-mysql80-mysql-config, p-cpe:/a:redhat:enterprise_linux:rh-mysql80-mysql-common, p-cpe:/a:redhat:enterprise_linux:rh-mysql80-mysql-icu-data-files
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Ease: No known exploits are available
Patch Publication Date: 9/14/2022
Vulnerability Publication Date: 10/19/2021
Reference Information
CVE: CVE-2021-2478, CVE-2021-2479, CVE-2021-2481, CVE-2021-35546, CVE-2021-35575, CVE-2021-35577, CVE-2021-35591, CVE-2021-35596, CVE-2021-35597, CVE-2021-35602, CVE-2021-35604, CVE-2021-35607, CVE-2021-35608, CVE-2021-35610, CVE-2021-35612, CVE-2021-35622, CVE-2021-35623, CVE-2021-35624, CVE-2021-35625, CVE-2021-35626, CVE-2021-35627, CVE-2021-35628, CVE-2021-35630, CVE-2021-35631, CVE-2021-35632, CVE-2021-35633, CVE-2021-35634, CVE-2021-35635, CVE-2021-35636, CVE-2021-35637, CVE-2021-35638, CVE-2021-35639, CVE-2021-35640, CVE-2021-35641, CVE-2021-35642, CVE-2021-35643, CVE-2021-35644, CVE-2021-35645, CVE-2021-35646, CVE-2021-35647, CVE-2021-35648, CVE-2022-21245, CVE-2022-21249, CVE-2022-21253, CVE-2022-21254, CVE-2022-21256, CVE-2022-21264, CVE-2022-21265, CVE-2022-21270, CVE-2022-21278, CVE-2022-21297, CVE-2022-21301, CVE-2022-21302, CVE-2022-21303, CVE-2022-21304, CVE-2022-21339, CVE-2022-21342, CVE-2022-21344, CVE-2022-21348, CVE-2022-21351, CVE-2022-21352, CVE-2022-21358, CVE-2022-21362, CVE-2022-21367, CVE-2022-21368, CVE-2022-21370, CVE-2022-21372, CVE-2022-21374, CVE-2022-21378, CVE-2022-21379, CVE-2022-21412, CVE-2022-21413, CVE-2022-21414, CVE-2022-21415, CVE-2022-21417, CVE-2022-21418, CVE-2022-21423, CVE-2022-21425, CVE-2022-21427, CVE-2022-21435, CVE-2022-21436, CVE-2022-21437, CVE-2022-21438, CVE-2022-21440, CVE-2022-21444, CVE-2022-21451, CVE-2022-21452, CVE-2022-21454, CVE-2022-21455, CVE-2022-21457, CVE-2022-21459, CVE-2022-21460, CVE-2022-21462, CVE-2022-21478, CVE-2022-21479, CVE-2022-21509, CVE-2022-21515, CVE-2022-21517, CVE-2022-21522, CVE-2022-21525, CVE-2022-21526, CVE-2022-21527, CVE-2022-21528, CVE-2022-21529, CVE-2022-21530, CVE-2022-21531, CVE-2022-21534, CVE-2022-21537, CVE-2022-21538, CVE-2022-21539, CVE-2022-21547, CVE-2022-21553, CVE-2022-21556, CVE-2022-21569, CVE-2022-21592, CVE-2022-21595, CVE-2022-21600, CVE-2022-21605, CVE-2022-21607, CVE-2022-21635, CVE-2022-21638, CVE-2022-21641, CVE-2023-21866, CVE-2023-21872, CVE-2023-21950
RHSA: 2022:6518