Extreme Networks

I thank you for the link, but checking the xmc versions of java and mysql looks like they are affected.


Shurly a non announcement is no "not affected statement".

The XMC installed java version is: openjdk version "1.8.0_222"

Openjdk says:

OpenJDK Vulnerability Advisory: 2022/01/18

The following vulnerabilities in OpenJDK source code were fixed in this release. The affected versions are 17.0.1, 15.0.5, 13.0.9, 11.0.13, 8u312, 7u321, and earlier. Please note that defense-in-depth issues are not assigned CVEs. We recommend that you upgrade as soon as possible.


The xmc installed mysql version is: Ver 14.14 Distrib 5.7.27, for linux-glibc2.12 (x86_64) using EditLine wrapper

Oracle lists for example CVE-2021-22946 with a score of 7.5 witch is remote exploitable with mysql 5.7.36 and prior.

I appreciate you elaborating for me. I spoke with our security team about this and they requested that we open a  support case so our support team can initiate a PSIRT/CVE review for this specifically. You can open a case on our Extreme Portal, under Support.

I already opend a case: 02508098

But thought maybe the topic was already discussed here.