Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Connectors accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 5.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H).
References
Link | Resource |
---|---|
https://www.oracle.com/security-alerts/cpuapr2022.html | Vendor Advisory |
https://www.oracle.com/security-alerts/cpuoct2021.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
28 Apr 2022, 15:07
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.7.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:*:*:*:*:*:*:* |
|
References | (MISC) https://www.oracle.com/security-alerts/cpuapr2022.html - Vendor Advisory | |
First Time |
Oracle communications Cloud Native Core Network Slice Selection Function
Oracle communications Cloud Native Core Console Oracle communications Cloud Native Core Security Edge Protection Proxy Oracle communications Cloud Native Core Policy |
19 Apr 2022, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
08 Feb 2022, 16:33
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:* | |
First Time |
Quarkus quarkus
Quarkus |
22 Nov 2021, 16:46
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:* |
26 Oct 2021, 12:16
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.oracle.com/security-alerts/cpuoct2021.html - Vendor Advisory | |
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : 7.9
v3 : 5.9 |
20 Oct 2021, 11:53
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-10-20 11:16
Updated : 2023-12-10 14:09
NVD link : CVE-2021-2471
Mitre link : CVE-2021-2471
CVE.ORG link : CVE-2021-2471
JSON object : View
Products Affected
oracle
- communications_cloud_native_core_console
- communications_cloud_native_core_policy
- mysql_connectors
- communications_cloud_native_core_network_slice_selection_function
- communications_cloud_native_core_security_edge_protection_proxy
quarkus
- quarkus
CWE