Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS13NmYyLTh3eDQtNDdyNc4AAqY0
Incorrect Authorization in MySQL Connector Java
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Connectors accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 5.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H).
Permalink: https://github.com/advisories/GHSA-w6f2-8wx4-47r5JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS13NmYyLTh3eDQtNDdyNc4AAqY0
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: over 2 years ago
Updated: almost 2 years ago
CVSS Score: 5.9
CVSS vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H
EPSS Percentage: 0.00063
EPSS Percentile: 0.28519
Identifiers: GHSA-w6f2-8wx4-47r5, CVE-2021-2471
References:
- https://nvd.nist.gov/vuln/detail/CVE-2021-2471
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://github.com/advisories/GHSA-w6f2-8wx4-47r5
Affected Packages
maven:mysql:mysql-connector-java
Dependent packages: 6,378Dependent repositories: 562,953
Downloads:
Affected Version Ranges: >= 8.0.0, <= 8.0.26
Fixed in: 8.0.27
All affected versions: 8.0.11, 8.0.12, 8.0.13, 8.0.14, 8.0.15, 8.0.16, 8.0.17, 8.0.18, 8.0.19, 8.0.20, 8.0.21, 8.0.22, 8.0.23, 8.0.24, 8.0.25, 8.0.26
All unaffected versions: 2.0.14, 3.0.8, 3.0.10, 3.1.11, 3.1.12, 3.1.13, 3.1.14, 5.0.2, 5.0.3, 5.0.4, 5.0.5, 5.0.7, 5.0.8, 5.1.1, 5.1.2, 5.1.3, 5.1.4, 5.1.5, 5.1.6, 5.1.8, 5.1.9, 5.1.10, 5.1.11, 5.1.12, 5.1.13, 5.1.14, 5.1.15, 5.1.16, 5.1.17, 5.1.18, 5.1.19, 5.1.20, 5.1.21, 5.1.22, 5.1.23, 5.1.24, 5.1.25, 5.1.26, 5.1.27, 5.1.28, 5.1.29, 5.1.30, 5.1.31, 5.1.32, 5.1.33, 5.1.34, 5.1.35, 5.1.36, 5.1.37, 5.1.38, 5.1.39, 5.1.40, 5.1.41, 5.1.42, 5.1.43, 5.1.44, 5.1.45, 5.1.46, 5.1.47, 5.1.48, 5.1.49, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 8.0.27, 8.0.28, 8.0.29, 8.0.30, 8.0.31, 8.0.32, 8.0.33