Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2021-2471

Published: Oct 20, 2021 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.9 HIGH
AV:N/AC:M/Au:S/C:C/I:N/A:C
RedHat/V2
RedHat/V3
7.4 MODERATE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
Ubuntu
MEDIUM
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2021-2471
CWEhttps://cwe.mitre.org/data/definitions/.html

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Connectors accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 5.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H).

Affected Software

Name Vendor Start Version End Version
Communications_cloud_native_core_console Oracle 1.9.0 (including) 1.9.0 (including)
Communications_cloud_native_core_network_slice_selection_function Oracle 1.8.0 (including) 1.8.0 (including)
Communications_cloud_native_core_policy Oracle 1.15.0 (including) 1.15.0 (including)
Communications_cloud_native_core_security_edge_protection_proxy Oracle 1.7.0 (including) 1.7.0 (including)
Mysql_connectors Oracle 8.0.0 (including) 8.0.26 (including)
Red Hat build of Quarkus 2.2.5 RedHat mysql-connector-java *
Red Hat Fuse 7.11 RedHat mysql-connector-java *
RHAF Camel-K 1.8 RedHat mysql-connector-java *
RHINT Camel-Q 2.2.1 RedHat mysql-connector-java *
RHPAM 7.13.0 async RedHat mysql-connector-java *
Mariadb-10.0 Ubuntu xenial *
Mariadb-10.1 Ubuntu bionic *
Mariadb-10.5 Ubuntu hirsute *
Mariadb-10.5 Ubuntu impish *
Mariadb-5.5 Ubuntu trusty *
Mysql-5.5 Ubuntu esm-infra-legacy/trusty *
Mysql-5.5 Ubuntu trusty *
Mysql-5.5 Ubuntu trusty/esm *
Mysql-5.6 Ubuntu trusty *
Mysql-8.0 Ubuntu devel *
Mysql-8.0 Ubuntu focal *
Mysql-8.0 Ubuntu hirsute *
Mysql-8.0 Ubuntu impish *
Mysql-8.0 Ubuntu jammy *
Mysql-8.0 Ubuntu kinetic *
Mysql-8.0 Ubuntu lunar *
Mysql-8.0 Ubuntu mantic *
Mysql-8.0 Ubuntu noble *
Mysql-8.0 Ubuntu oracular *
Mysql-8.0 Ubuntu upstream *
Percona-server-5.6 Ubuntu xenial *
Percona-xtradb-cluster-5.5 Ubuntu trusty *
Percona-xtradb-cluster-5.6 Ubuntu xenial *

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2025 Aqua Security Software Ltd.   Privacy Policy | Terms of Use