CVE-2021-35596 in MySQL Server
Summary
by MITRE • 10/20/2021
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Error Handling). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Analysis
by VulDB Data Team • 05/17/2025
The vulnerability identified as CVE-2021-35596 resides within the MySQL Server component known as Server: Error Handling, affecting all versions up to and including 8.0.26. This represents a significant security weakness that demonstrates the critical importance of proper error handling mechanisms within database systems. The vulnerability falls under the Common Weakness Enumeration category CWE-248, which specifically addresses "Uncaught Exception" conditions where software fails to properly handle exceptional circumstances, leading to system instability or compromise. The flaw manifests in how the MySQL server processes certain error conditions, creating a scenario where an attacker with elevated privileges can manipulate the system's response to these conditions.
The technical nature of this vulnerability stems from inadequate error handling routines within the MySQL server's core processing mechanisms. When the server encounters specific error conditions, the improper handling causes the system to enter an unstable state that can result in complete denial of service. The attack vector requires a high-privileged user with network access through multiple protocols, indicating that this vulnerability could be exploited by someone who already has significant access to the system. The CVSS score of 4.9 reflects the availability impact, with the potential for a complete denial of service that can cause the MySQL server to hang or repeatedly crash, effectively rendering the database service unusable for legitimate operations.
The operational impact of this vulnerability extends beyond simple service disruption, as it can lead to complete system unavailability that affects business continuity and data access. Organizations relying on MySQL for critical database operations face substantial risk from this vulnerability, particularly in environments where database availability is paramount. The fact that this vulnerability is easily exploitable means that attackers with minimal effort can cause significant disruption to database services. The CVSS vector analysis reveals that while network access is required, the attack complexity is low and no user interaction is needed, making this vulnerability particularly dangerous in environments where privileged access might be compromised. This vulnerability also aligns with ATT&CK technique T1499.004, which covers "Toggle Service" and related denial of service tactics that can be employed to disrupt database availability.
Mitigation strategies for CVE-2021-35596 primarily focus on immediate patching of affected MySQL server installations to version 8.0.27 or later, which contains the necessary fixes for the error handling flaw. Organizations should also implement network segmentation and access controls to limit the number of high-privileged accounts that can directly access the MySQL server. Monitoring systems should be enhanced to detect unusual patterns of server crashes or hangs that might indicate exploitation attempts. Additionally, implementing proper network access controls and limiting the protocols that can connect to the MySQL server can reduce the attack surface. Regular vulnerability assessments and penetration testing should be conducted to identify similar error handling vulnerabilities in other database systems and applications. The remediation process should include thorough testing of patched systems to ensure that the fix does not introduce new compatibility issues or performance degradation in existing database operations.