← Back to CVEs
CVE-2021-2374
MEDIUM4.1
Description
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.25 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.1 Base Score 4.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N).
CVE Details
CVSS v3.1 Score4.1
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
Attack VectorLOCAL
ComplexityHIGH
Privileges RequiredHIGH
User InteractionNONE
Published7/21/2021
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
fedoraproject:fedoranetapp:oncommand_insightoracle:mysql_server
References
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OO2Q5PIFURXLLKCIJE6XF6VL4LLMNO5/(secalert_us@oracle.com)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OPJAGVMRKODR4QIXQSVEM4BLRZUM7P3R/(secalert_us@oracle.com)
https://security.netapp.com/advisory/ntap-20210723-0001/(secalert_us@oracle.com)
https://www.oracle.com/security-alerts/cpujul2021.html(secalert_us@oracle.com)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OO2Q5PIFURXLLKCIJE6XF6VL4LLMNO5/(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OPJAGVMRKODR4QIXQSVEM4BLRZUM7P3R/(af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20210723-0001/(af854a3a-2127-422b-91ae-364da2661108)
https://www.oracle.com/security-alerts/cpujul2021.html(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.