CVE-2021-2411

CWE-7635 documents5 sources
Severity
3.7LOW
EPSS
0.9%
top 24.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Mysql ClusterOracle Corporation Mysql Cluster
Timeline
PublishedJul 21
Latest updateMay 24

Description

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: JS module). Supported versions that are affected are 8.0.25 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVS

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 2.2 | Impact: 1.4

Affected Packages2 packages

NVDoracle/mysql_cluster8.0.08.0.25
CVEListV5oracle_corporation/mysql_cluster8.0.25 and prior

🔴Vulnerability Details

2
GHSA
GHSA-53rr-g6c2-mfp4: Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: JS module)2022-05-24
CVEList
CVE-2021-2411: Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: JS module)2021-07-20

📋Vendor Advisories

1
Oracle
Oracle Oracle MySQL Risk Matrix: Cluster: JS module — CVE-2021-24112021-07-15
CVE-2021-2411 (LOW CVSS 3.7) | Vulnerability in the MySQL Cluster | cvebase.io