VULNERABILITY

Red Hat: CVE-2021-2307: CVE-2021-2307 mysql: Server: Packaging unspecified vulnerability (CPU Apr 2021) (Multiple Advisories)

Try Surface Command Get a continuous 360° view of your attack surface
Back to Search

Red Hat: CVE-2021-2307: CVE-2021-2307 mysql: Server: Packaging unspecified vulnerability (CPU Apr 2021) (Multiple Advisories)

Severity
3
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:N)
Published
04/22/2021
Created
09/23/2021
Added
09/22/2021
Modified
12/15/2023

Description

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Packaging). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N).

Solution(s)

  • redhat-upgrade-mecab
  • redhat-upgrade-mecab-debuginfo
  • redhat-upgrade-mecab-debugsource
  • redhat-upgrade-mecab-ipadic
  • redhat-upgrade-mecab-ipadic-eucjp
  • redhat-upgrade-mysql
  • redhat-upgrade-mysql-common
  • redhat-upgrade-mysql-debuginfo
  • redhat-upgrade-mysql-debugsource
  • redhat-upgrade-mysql-devel
  • redhat-upgrade-mysql-devel-debuginfo
  • redhat-upgrade-mysql-errmsg
  • redhat-upgrade-mysql-libs
  • redhat-upgrade-mysql-libs-debuginfo
  • redhat-upgrade-mysql-server
  • redhat-upgrade-mysql-server-debuginfo
  • redhat-upgrade-mysql-test
  • redhat-upgrade-mysql-test-debuginfo

References

  • CVE-2021-2307
  • RHSA-2021:3590

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
  • Lightweight Endpoint Agent
  • Live Dashboards
  • Real Risk Prioritization
  • IT-Integrated Remediation Projects
  • Cloud, Virtual, and Container Assessment
  • Integrated Threat Feeds
  • Easy-to-Use RESTful API
  • Automation-Assisted Patching
  • Automated Containment
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;