CVE-2021-2471
Confidentiality and Availability vulnerability in mysql-connector-java (Maven)
What is CVE-2021-2471 About?
This vulnerability affecting Oracle MySQL Connectors (component: Connector/J versions 8.0.26 and prior) allows an attacker to compromise the connectors. It results in unauthorized access to critical data or complete data, as well as a denial of service. While difficult to exploit, it targets high-privileged attackers with network access.
Affected Software
Technical Details
A vulnerability exists in the MySQL Connectors product, specifically within the Connector/J component (versions 8.0.26 and prior). This highly privileged vulnerability can be triggered by attackers with network access via multiple protocols. While the exact technical mechanism is not detailed, successful exploitation could lead to unauthorized access to sensitive data processed by Connector/J or even full access to all data accessible by the connectors. Additionally, attackers could cause a denial of service, resulting in a hang or frequently repeatable crash of the MySQL Connectors. This suggests a flaw in data handling, communication protocols, or possibly an injection point that allows compromise of the connector's operations, leading to both data confidentiality and availability impacts.
What is the Impact of CVE-2021-2471?
Successful exploitation may allow attackers to gain unauthorized access to critical data or all data accessible by MySQL Connectors, and cause a complete denial of service for the connectors.
What is the Exploitability of CVE-2021-2471?
This vulnerability is difficult to exploit, requiring a high-privileged attacker who has network access to the affected MySQL Connectors. There are no user interface interaction requirements. The attacker needs to be authenticated with high privileges to initiate the attack. Access is remote, via multiple network protocols. Special conditions involve the attacker already possessing significant access or credentials within the target environment. The complexity and privilege requirements suggest that this vulnerability is not easily exploited by an external, unauthenticated attacker. The primary risk factor is the attacker having already compromised high-level credentials or having internal access to the network.
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| SecCoder-Security-Lab | Link | h2-jdbc(https://github.com/h2database/h2database/issues/3195) & mysql-jdbc(CVE-2021-2471) SQLXML XXE vulnerability reproduction. |
| cckuailong | Link | PoC for CVE-2021-2471 |
| DrunkenShells | Link | PoC for CVE-2021-2471 - XXE in MySQL Connector/J |
What are the Available Fixes for CVE-2021-2471?
Available Upgrade Options
- mysql:mysql-connector-java
- >8.0.0, <8.0.27 → Upgrade to 8.0.27
Struggling with dependency upgrades?
See how Resolved Security's drop-in replacements make it simple.
Book a demoAdditional Resources
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://nvd.nist.gov/vuln/detail/CVE-2021-2471
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://osv.dev/vulnerability/GHSA-w6f2-8wx4-47r5
What are Similar Vulnerabilities to CVE-2021-2471?
Similar Vulnerabilities: CVE-2023-21963 , CVE-2023-21908 , CVE-2023-21919 , CVE-2023-21950 , CVE-2023-21946
