CVE-2021-2144

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

Published: Apr 23, 2021
Updated: May 4, 2025
CVE: CVE-2021-2144
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
oracle / mysql	8.0.0	8.0.19.x
oracle / mysql	5.7.0	5.7.29.x
mariadb / mariadb	10.1.0	10.1.42
mariadb / mariadb	10.2.0	10.2.28
mariadb / mariadb	10.3.0	10.3.19
mariadb / mariadb	10.4.0	10.4.9
mariadb / mariadb	5.5.0	5.5.66

https://security.netapp.com/advisory/ntap-20210513-0002/
https://www.oracle.com/security-alerts/cpuapr2021.html

Vulnerability Database

289,689

CVE-2021-2144