Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.9
CVSSv3

CVE-2021-2154

Published: 22/04/2021 Updated: 07/11/2023
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 4.9 | Impact Score: 3.6 | Exploitability Score: 1.2
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Subscribe to Oracle

Vulnerability Summary

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.7.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

oracle mysql

mariadb mariadb

netapp snapcenter -

netapp oncommand workflow automation -

netapp oncommand insight -

netapp active iq unified manager -

fedoraproject fedora 32

fedoraproject fedora 33

fedoraproject fedora 34

Vendor Advisories

Debian CVElist Bug Report Logs: mariadb-10.5: CVE-2021-2154 CVE-2021-2166
Debian Bug report logs - #988428 mariadb-105: CVE-2021-2154 CVE-2021-2166 Package: src:mariadb-105; Maintainer for src:mariadb-105 is Debian MySQL Maintainers <pkg-mysql-maint@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 12 May 2021 19:15:01 UTC Severity: grave Tags: s ...
Red Hat: Moderate: mariadb:10.5 security, bug fix, and enhancement update
Synopsis Moderate: mariadb:105 security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for the mariadb:105 module is now available for Red Hat Enterprise Linux 8Red Hat Produc ...
Red Hat: Moderate: rh-mariadb105-mariadb security and bug fix update
Synopsis Moderate: rh-mariadb105-mariadb security and bug fix update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for rh-mariadb105-mariadb and rh-mariadb105-galera is now available for Red Hat Software Collec ...
Red Hat: Moderate: mariadb:10.3 security and bug fix update
Synopsis Moderate: mariadb:103 security and bug fix update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for the mariadb:103 module is now available for Red Hat Enterprise Linux 84 Extended Update SupportRe ...
Red Hat: Moderate: rh-mariadb103-mariadb security and bug fix update
Synopsis Moderate: rh-mariadb103-mariadb security and bug fix update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for rh-mariadb103-mariadb and rh-mariadb103-galera is now available for Red Hat Software Collec ...
Amazon Linux 2: ALASMARIADB10.5-2023-004
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML) Supported versions that are affected are 5733 and prior Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server Successful attacks of this vulnerability can result in unauthorized abi ...
Arch Linux Issues:
A security issue has been found in MariaDB before version 10510 An easily exploitable vulnerability allows high privileged attackers with network access via multiple protocols to compromise the MariaDB server Successful attacks of this vulnerability can cause a hang or a frequently repeatable crash (complete denial of service) of the server ...

References

NVD-CWE-noinfohttps://www.oracle.com/security-alerts/cpuapr2021.htmlhttps://security.netapp.com/advisory/ntap-20210513-0002/https://security.gentoo.org/glsa/202105-27https://security.gentoo.org/glsa/202105-28https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPA3CTGXPVWKHMCQDVURK4ETH7GE34KK/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GAU7KW36A6TQGKG3RUITYSVUFIHBY3OT/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEF5CRATUGQZUSQU63MHQIDZPOLHW2VE/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988428https://nvd.nist.govhttps://alas.aws.amazon.com/AL2/ALASMARIADB10.5-2023-004.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmwareCVE-2023-52866CVE-2024-4367CVE-2024-1721CVE-2023-34992XML injectionCVE-2023-52817SQLCVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook