CVE-2021-35610 in MySQL Server
Summary
by MITRE • 10/20/2021
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Analysis
by VulDB Data Team • 05/17/2025
The vulnerability identified as CVE-2021-35610 represents a critical weakness within Oracle MySQL Server's optimizer component that affects versions 8.0.26 and earlier. This flaw resides in the server's query optimization logic and constitutes a significant security risk due to its ease of exploitation and the severe consequences it can inflict upon affected systems. The vulnerability operates at the core of MySQL's database engine where query execution plans are processed, making it particularly dangerous as it can be leveraged to disrupt normal database operations while potentially enabling unauthorized data manipulation.
The technical nature of this vulnerability stems from improper handling of certain optimization scenarios within the MySQL server's execution engine. Attackers with low privileges and network access can exploit this weakness through multiple protocols to trigger specific conditions that cause the optimizer to malfunction. This malfunction manifests in two primary ways: first, the server can become unresponsive or crash repeatedly, leading to complete denial of service conditions that can severely impact database availability. Second, the vulnerability can be exploited to gain unauthorized access to modify data within the database, allowing attackers to perform unauthorized insertions, updates, or deletions of information that the compromised system has access to.
From an operational perspective, the impact of this vulnerability extends beyond simple service disruption to include potential data integrity compromise. The CVSS 3.1 score of 7.1 reflects the serious nature of this flaw, with high availability impact and moderate integrity impact. The vulnerability's exploitability requires only low privileges and network access, making it particularly concerning for database environments where multiple users or applications interact with the server. The complete denial of service condition can be achieved through repeated exploitation attempts, effectively rendering the database server unusable until manual intervention occurs. Additionally, the unauthorized data modification capabilities mean that even if the server remains operational, the integrity of stored information can be compromised, potentially leading to data corruption, loss, or unauthorized alterations that could have far-reaching consequences for applications relying on the affected database.
Organizations should prioritize immediate remediation through the application of Oracle's security patches or updates that address this specific vulnerability. The recommended mitigation strategy includes upgrading to MySQL Server version 8.0.27 or later, which contains the necessary fixes for this optimizer flaw. System administrators should also implement network segmentation and access controls to limit exposure of MySQL servers to untrusted networks while monitoring for unusual patterns of database activity that might indicate exploitation attempts. Security teams should consider implementing database activity monitoring solutions that can detect anomalous query patterns or sudden spikes in database resource consumption that could indicate successful exploitation of this vulnerability. This remediation approach aligns with industry best practices for vulnerability management and follows the principles outlined in the MITRE ATT&CK framework where database server compromise represents a critical node in the attack chain that can lead to further system compromise and data exfiltration.
The vulnerability demonstrates characteristics consistent with CWE-119 which describes weakness in memory management, and aligns with ATT&CK techniques related to privilege escalation and denial of service through database server exploitation. Organizations should also consider implementing comprehensive database security assessments to identify similar vulnerabilities within their database infrastructure and establish robust incident response procedures for handling potential exploitation attempts. The combination of availability and integrity impacts makes this vulnerability particularly dangerous in environments where database reliability and data consistency are paramount for business operations.