CVE-2021-2307 — Oracle Mysql vulnerability
11 documents10 sources
Severity
6.1MEDIUMNVD
EPSS
0.4%
top 36.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 22
Latest updateMay 24
Description
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Packaging). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data …
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:NExploitability: 1.8 | Impact: 4.2
Affected Packages2 packages
🔴Vulnerability Details
3GHSA▶
GHSA-7vpx-456c-wf87: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Packaging)↗2022-05-24
CVEList▶
CVE-2021-2307: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Packaging)↗2021-04-22
OSV▶
CVE-2021-2307: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Packaging)↗2021-04-22
📋Vendor Advisories
6Microsoft▶
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Packaging). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerabili↗2021-04-13
🕵️Threat Intelligence
1Tenable▶
Oracle April 2021 Critical Patch Update Addresses 257 CVEs including ‘Zerologon’ (CVE-2020-1472)↗2021-04-21