CVE-2021-35637 in MySQL Server
Summary
by MITRE • 10/20/2021
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 05/17/2025
The vulnerability identified as CVE-2021-35637 represents a significant availability risk within Oracle MySQL Server versions 8.0.26 and earlier. This flaw exists within the Server: PS component of the MySQL ecosystem and demonstrates how even minor version discrepancies can create substantial operational threats. The vulnerability's classification as easily exploitable indicates that attackers with high privileges and network access can leverage this weakness to disrupt service availability, making it particularly concerning for mission-critical database environments where uptime is paramount. The CVSS score of 4.9 reflects the moderate to high impact on system availability, with the attack vector requiring network access and high privileges, suggesting that this vulnerability is more likely to be exploited by insiders or compromised accounts rather than external actors.
The technical nature of this vulnerability involves a flaw that can cause complete denial of service conditions through hangs or frequently repeatable crashes within the MySQL Server instance. This type of weakness typically stems from improper handling of specific input sequences or protocol interactions that trigger memory corruption, resource exhaustion, or thread management failures within the server process. The fact that this vulnerability affects multiple protocols indicates it likely resides in the core server processing logic that handles various communication channels, potentially including TCP/IP connections, Unix domain sockets, or other network interfaces. The complete DOS capability means that successful exploitation can render the database service unavailable for extended periods, potentially requiring manual intervention to restart the server process and recover from the crash state.
From an operational standpoint, this vulnerability creates substantial risk for organizations relying on MySQL for critical business applications, particularly those with high availability requirements or regulatory compliance needs. The impact extends beyond simple service disruption as database downtime can cascade into application failures, data integrity concerns, and potential financial losses. Organizations with automated monitoring systems may experience false alerts during exploitation attempts, complicating incident response procedures. The vulnerability's potential for frequent repeatable crashes suggests that attackers could maintain persistent disruption rather than achieving a one-time service interruption, increasing the overall damage potential and making it more challenging to implement temporary workarounds.
Security practitioners should prioritize patching this vulnerability in affected MySQL Server installations, particularly in environments where high-privileged accounts exist or where network exposure is unavoidable. The remediation approach should include comprehensive testing of patches in staging environments before deployment to production systems to ensure compatibility with existing applications. Organizations should also implement network segmentation and access controls to limit the attack surface, particularly for MySQL instances that are exposed to untrusted networks. The vulnerability aligns with CWE-121 and CWE-122 categories related to buffer overflow conditions and memory management issues, while also mapping to ATT&CK techniques involving service stoppage and availability denial through system resource manipulation. Regular vulnerability assessments should include checks for similar patterns in other database systems and ensure that privilege escalation controls are properly enforced to limit the potential impact of such vulnerabilities.