Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2021-2471

Good to know:

icon
icon

Date: October 20, 2021

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Connectors accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 5.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H).

Language: Java

Severity Score

Related Resources (6)

https://access.redhat.com/security/cve/CVE-2021-2471
https://nvd.nist.gov/vuln/detail/CVE-2021-2471
https://www.oracle.com/security-alerts/cpuapr2022.html
https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2471
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.mend.io/vulnerability-database/CVE-2021-2471

Severity Score

Weakness Type (CWE)

Insufficient Information

NVD-CWE-noinfo

Top Fix

icon

Upgrade Version

Upgrade to version mysql:mysql-connector-java:8.0.27

Learn More

CVSS v3

Base Score:
Attack Vector (AV):
Attack Complexity (AC):
Privileges Required (PR):
User Interaction (UI):
Scope (S):
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): COMPLETE

CVSS v2

Base Score:
Access Vector (AV):
Access Complexity (AC):
Authentication (AU):
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH
Additional information:

Do you need more information?

Contact Us