CVE-2021-2471 - OpenCVE

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Connectors accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 5.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H).

Attack Vector Network

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Complete

Integrity Impact None

Availability Impact Complete

AV:N/AC:M/Au:S/C:C/I:N/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Oracle	Communications Cloud Native Core Console Communications Cloud Native Core Security Edge Protection Proxy Communications Cloud Native Core Network Slice Selection Function Communications Cloud Native Core Policy Mysql Connectors
Quarkus	Quarkus

Configuration 1 [-]

OR	cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:::::::*
	cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:::::::*
	cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:::::::*
	cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.7.0:::::::*
	cpe:2.3:a:oracle:mysql_connectors::::::::