Versio.io

CVE-2021-2471

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 20-10-2021 01:16
Last modified: - 28-04-2022 05:07
Total changes: - 5

Description

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Connectors accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 5.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H).

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H
High
Attack complexity
Network
Attack vector
High
Availability
High
Confidentiality
None
Integrity
High
Privileges required
Unchanged
Scope
None
User interaction
5.9
Base score
0.7
5.2
Exploitability score
Impact score
 

Verification logic

OR
OR
vendor=oracle AND product=communications_cloud_native_core_console AND version=1.9.0
vendor=oracle AND product=communications_cloud_native_core_network_slice_selection_function AND version=1.8.0
vendor=oracle AND product=communications_cloud_native_core_policy AND version=1.15.0
vendor=oracle AND product=communications_cloud_native_core_security_edge_protection_proxy AND version=1.7.0
vendor=oracle AND product=mysql_connectors AND versionEndIncluding=8.0.26 AND versionStartIncluding=8.0.0
OR
vendor=quarkus AND product=quarkus AND versionEndExcluding=2.2.4
vendor=quarkus AND product=quarkus AND versionStartIncluding=2.3.0 AND versionEndExcluding=2.6.0
 

Reference

 


Keywords

NVD

 

CVE-2021-2471

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.