PT-2021-16212 · Mysql Server+1 · Mysql Connectors+1

Hongkun Chen

Published

2021-10-20

Updated

2024-06-15

CVE-2021-2471

CVSS v2.0

7.9

High

Vector

AV:N/AC:M/Au:S/C:C/I:N/A:C

Name of the Vulnerable Software and Affected Versions MySQL Connectors versions 8.0.26 and prior

Description A difficult to exploit vulnerability in MySQL Connectors allows a high privileged attacker with network access via multiple protocols to compromise the system. Successful attacks can result in unauthorized access to critical data or complete access to all accessible data and the ability to cause a hang or frequently repeatable crash of MySQL Connectors.

Recommendations For versions 8.0.26 and prior, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Incorrect Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863

Related Identifiers

CVE-2021-2471

GHSA-W6F2-8WX4-47R5

OESA-2021-1448

OESA-2022-1960

OESA-2024-1103

OPENSUSE-SU-2022:0658-1

OPENSUSE-SU-2022_0658-1

OPENSUSE-SU-2024:11883-1

SUSE-SU-2022:1142-1

SUSE-SU-2022_1142-1

USN-5123-1

Affected Products

Mysql Connectors

Suse

PT-2021-16212 · Mysql Server+1 · Mysql Connectors+1

CVE-2021-2471

Weakness Enumeration

Related Identifiers

Affected Products

References · 115