CVE-2021-2481 in MySQL Server
Summary
by MITRE • 10/20/2021
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Analysis
by VulDB Data Team • 05/17/2025
The vulnerability identified as CVE-2021-2481 resides within the MySQL Server optimizer component of Oracle MySQL, affecting versions 8.0.26 and earlier. This represents a critical availability threat that stems from a flaw in how the server processes certain optimization requests, specifically when handling complex query execution paths. The vulnerability operates at the core of MySQL's query processing engine where the optimizer attempts to determine the most efficient execution plan for database operations, making it a fundamental component that directly impacts system stability and performance.
The technical nature of this vulnerability manifests as a denial of service condition that can be triggered through malformed or specially crafted queries that exploit weaknesses in the optimizer's handling of specific execution paths. Attackers with low privilege levels and network access can leverage multiple protocols to send carefully constructed requests that cause the MySQL server to enter a state of continuous crashing or hanging. This behavior occurs because the optimizer fails to properly validate or handle certain edge cases during query analysis, leading to memory corruption or infinite loop conditions that result in complete service disruption. The vulnerability's classification as easily exploitable indicates that the attack vectors require minimal technical sophistication and can be executed without extensive reconnaissance or specialized tools.
From an operational impact perspective, this vulnerability presents a severe threat to database availability and business continuity, particularly in environments where MySQL serves as a critical backend component for applications and services. The complete denial of service condition means that database operations cease entirely, potentially affecting multiple dependent systems and applications that rely on the database for their functionality. Organizations running affected MySQL versions face the risk of extended downtime periods that can result in significant financial losses, service interruptions, and potential customer impact. The availability impact score of 6.5 on the CVSS scale reflects the severity of the disruption potential, as attackers can repeatedly trigger the condition to maintain persistent service degradation.
The vulnerability aligns with CWE-121 and CWE-122 categories related to buffer overflow conditions and heap-based buffer overflows, which are common in database query processing engines where complex data structures must be manipulated. From an ATT&CK framework perspective, this vulnerability maps to T1499.004 (Endpoint Denial of Service) and potentially T1566.001 (Phishing via Social Engineering) if the attack is delivered through compromised applications or services. Organizations should implement immediate mitigation strategies including applying the latest Oracle security patches, implementing network segmentation to limit access to MySQL services, and monitoring for unusual query patterns or connection attempts that might indicate exploitation attempts. Additionally, database administrators should consider implementing query timeouts and resource limits to minimize the impact of potential exploitation attempts while maintaining service availability for legitimate users.