CVE-2021-2046Oracle Mysql vulnerability

9 documents9 sources
Severity
6.8MEDIUMNVD
EPSS
0.3%
top 43.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle MysqlOracle Corporation Mysql Server
Timeline
PublishedJan 20
Latest updateMay 24

Description

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repe

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:HExploitability: 2.3 | Impact: 4.0

Affected Packages2 packages

CVEListV5oracle_corporation/mysql_server8.0.22 and prior
NVDoracle/mysql8.0.08.0.22

🔴Vulnerability Details

3
GHSA
GHSA-44r7-3vwf-q932: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure)2022-05-24
CVEList
CVE-2021-2046: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure)2021-01-20
OSV
CVE-2021-2046: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure)2021-01-20

📋Vendor Advisories

5
Ubuntu
MySQL vulnerabilities2021-02-01
Red Hat
mysql: Server: Stored Procedure unspecified vulnerability (CPU Jan 2021)2021-01-19
Oracle
Oracle Oracle MySQL Risk Matrix: Server: Stored Procedure — CVE-2021-20462021-01-15
Microsoft
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high2021-01-12
Debian
CVE-2021-2046: mysql-8.0 - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: St...2021
CVE-2021-2046 — Oracle Mysql vulnerability | cvebase