CVE-2021-2471

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Connectors accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 5.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H).
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*

History

28 Apr 2022, 15:07

Type Values Removed Values Added
CPE cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:*:*:*:*:*:*:*
References (MISC) https://www.oracle.com/security-alerts/cpuapr2022.html - (MISC) https://www.oracle.com/security-alerts/cpuapr2022.html - Vendor Advisory
First Time Oracle communications Cloud Native Core Network Slice Selection Function
Oracle communications Cloud Native Core Console
Oracle communications Cloud Native Core Security Edge Protection Proxy
Oracle communications Cloud Native Core Policy

19 Apr 2022, 21:15

Type Values Removed Values Added
References
  • (MISC) https://www.oracle.com/security-alerts/cpuapr2022.html -

08 Feb 2022, 16:33

Type Values Removed Values Added
CPE cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*
First Time Quarkus quarkus
Quarkus

22 Nov 2021, 16:46

Type Values Removed Values Added
CPE cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*

26 Oct 2021, 12:16

Type Values Removed Values Added
References (MISC) https://www.oracle.com/security-alerts/cpuoct2021.html - (MISC) https://www.oracle.com/security-alerts/cpuoct2021.html - Vendor Advisory
CWE NVD-CWE-noinfo
CPE cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 5.9
v2 : 7.9
v3 : 5.9

20 Oct 2021, 11:53

Type Values Removed Values Added
New CVE

Information

Published : 2021-10-20 11:16

Updated : 2023-12-10 14:09


NVD link : CVE-2021-2471

Mitre link : CVE-2021-2471

CVE.ORG link : CVE-2021-2471


JSON object : View

Products Affected

oracle

  • communications_cloud_native_core_console
  • communications_cloud_native_core_policy
  • mysql_connectors
  • communications_cloud_native_core_network_slice_selection_function
  • communications_cloud_native_core_security_edge_protection_proxy

quarkus

  • quarkus