CVE-2021-35583 in MySQL Serverinfo

Summary

by MITRE • 10/20/2021

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Windows). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Analysis

by VulDB Data Team • 10/26/2021

The vulnerability identified as CVE-2021-35583 represents a critical availability flaw within Oracle MySQL Server versions 8.0.25 and earlier, specifically affecting the Windows implementation. This weakness resides in the server component of the MySQL database system and demonstrates how seemingly minor implementation details can lead to significant operational disruptions. The vulnerability's classification as easily exploitable indicates that attackers require minimal prerequisites to leverage this flaw, making it particularly dangerous in production environments where database availability is paramount for business operations.

The technical nature of this vulnerability manifests through network-based attacks that can be executed without authentication, exploiting multiple protocols that MySQL Server supports. This characteristic places the vulnerability squarely within the scope of CWE-119, which addresses weaknesses in memory handling and buffer management, though the specific manifestation appears to involve protocol handling rather than direct memory corruption. The flaw enables attackers to trigger a complete denial of service condition that results in either a hang or repeated crashes of the MySQL Server process, effectively rendering the database unavailable to legitimate users and applications.

From an operational impact perspective, the vulnerability's CVSS score of 7.5 reflects the high potential for disruption it presents to database services. The availability impact is rated as complete, meaning that successful exploitation can lead to sustained service interruption that may require manual intervention to restore normal operations. This type of vulnerability directly contradicts the fundamental requirements for database availability as outlined in industry standards such as ISO/IEC 20000 and ITIL service management frameworks, where database systems must maintain high availability to support business continuity. Organizations relying on MySQL for critical applications face significant risk of operational downtime and potential financial losses.

The attack vector analysis reveals that this vulnerability can be exploited over network connections without requiring any authentication credentials, making it particularly dangerous in environments where MySQL servers are exposed to untrusted networks. This characteristic aligns with ATT&CK technique T1190, which covers exploits for lateral movement through network protocols. The lack of authentication requirements means that attackers can potentially exploit this vulnerability from external networks without prior access to the system, representing a significant escalation in threat surface. Organizations should consider implementing network segmentation and firewall rules to limit exposure to this vulnerability while awaiting patches.

Mitigation strategies for CVE-2021-35583 should prioritize immediate patching of affected MySQL Server installations to version 8.0.26 or later, which contains the necessary fixes for this vulnerability. Additionally, network-level protections such as firewall rules that restrict access to MySQL ports and implement rate limiting can help reduce the attack surface. System administrators should also implement monitoring solutions that can detect unusual patterns in database service availability and alert on potential exploitation attempts. The remediation process should include comprehensive testing of patched environments to ensure that the vulnerability is properly addressed without introducing new compatibility issues. Organizations should also review their incident response procedures to ensure rapid response capabilities for similar availability-based attacks that could impact database services.

Responsible

Oracle

Reservation

06/28/2021

Disclosure

10/20/2021

Moderation

accepted

CPE

ready

EPSS

0.02970

KEV

no

Activities

very low

Sources

Do you want to use VulDB in your project?

Use the official API to access entries easily!