CVE-2021-2048

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.22 and prior

Description: The vulnerability in the MySQL Server product is related to insufficient access control in the InnoDB component. Exploitation of this issue can allow a remote attacker to cause a denial of service or gain read, modify, add, or delete access to data using the MySQL network protocol. Successful attacks can result in unauthorized ability to cause a hang or frequently repeatable crash of MySQL Server, as well as unauthorized update, insert, or delete access to some of MySQL Server's accessible data.

Recommendations: For versions 8.0.22 and prior, update to a version that includes the fix for this issue to prevent exploitation. As a temporary workaround, consider restricting network access to the MySQL Server to minimize the risk of exploitation. Additionally, ensure that only high privileged attackers with legitimate access are allowed to interact with the MySQL Server via multiple protocols.