What is the severity of CVE-2021-2146?

CVE-2021-2146 is considered to be easily exploitable with a high potential impact for high privileged attackers.

How do I fix CVE-2021-2146?

To mitigate CVE-2021-2146, upgrade to MySQL Server version 5.7.34 or 8.0.24 or later.

Which versions of MySQL are affected by CVE-2021-2146?

CVE-2021-2146 affects MySQL Server versions 5.7.33 and prior as well as 8.0.23 and prior.

Can CVE-2021-2146 be exploited remotely?

Yes, CVE-2021-2146 can be exploited remotely by high privileged attackers with network access.

What components of MySQL are impacted by CVE-2021-2146?

CVE-2021-2146 impacts the Server: Options component of the MySQL Server product.

Vulnerability/
CVE-2021-2146

medium

4.9

20/4/2021

22/4/2021

26/9/2024

CVE-2021-2146

First published: Tue Apr 20 2021(Updated: )

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Credit: secalert_us@oracle.com

Affected Software	Affected Version	How to fix
redhat/mysql	<5.7.34	5.7.34
redhat/mysql	<8.0.24	8.0.24
MySQL	>=5.7.0<=5.7.33
MySQL	>=8.0<=8.0.23
Red Hat Fedora	=32
Red Hat Fedora	=33
Red Hat Fedora	=34
NetApp Active IQ Unified Manager for VMware vSphere
NetApp Active IQ Unified Manager
NetApp OnCommand Insight
NetApp OnCommand Workflow Automation
NetApp SnapCenter

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2021-2146?
CVE-2021-2146 is considered to be easily exploitable with a high potential impact for high privileged attackers.
How do I fix CVE-2021-2146?
To mitigate CVE-2021-2146, upgrade to MySQL Server version 5.7.34 or 8.0.24 or later.
Which versions of MySQL are affected by CVE-2021-2146?
CVE-2021-2146 affects MySQL Server versions 5.7.33 and prior as well as 8.0.23 and prior.
Can CVE-2021-2146 be exploited remotely?
Yes, CVE-2021-2146 can be exploited remotely by high privileged attackers with network access.
What components of MySQL are impacted by CVE-2021-2146?
CVE-2021-2146 impacts the Server: Options component of the MySQL Server product.

agent/type
agent/first-publish-date
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2021-2146
agent/software-canonical-lookup
agent/author
agent/description
agent/severity
agent/references
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
package-manager/redhat
vendor/oracle
canonical/mysql
version/mysql/5.7.0
version/mysql/5.7.33
version/mysql/8.0
version/mysql/8.0.23
vendor/fedoraproject
canonical/red hat fedora
version/red hat fedora/32
version/red hat fedora/33
version/red hat fedora/34
vendor/netapp
canonical/netapp active iq unified manager for vmware vsphere
canonical/netapp active iq unified manager
canonical/netapp oncommand insight
canonical/netapp oncommand workflow automation
canonical/netapp snapcenter