CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
94.0%
The version of MySQL running on the remote host is 8.0.x prior to 8.0.27. It is, therefore, affected by multiple vulnerabilities, including the following, as noted in the October 2021 Critical Patch Update advisory:
A vulnerability in the OpenSSL component that can result in a takeover of the MySQL server.
(CVE-2021-3711)
An easily exploitable vulnerability in the Kerberos component of MySQL server that allows an unauthenticated, remote attacker to affect availability. (CVE-2021-36222)
An easily exploitable vulnerability in the cURL component that allows an unauthenticated, remote attacker to affect the availability of the MySQL Server. (CVE-2021-22926)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(154258);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/28");
script_cve_id(
"CVE-2021-2478",
"CVE-2021-2479",
"CVE-2021-2481",
"CVE-2021-3711",
"CVE-2021-22926",
"CVE-2021-35546",
"CVE-2021-35575",
"CVE-2021-35577",
"CVE-2021-35591",
"CVE-2021-35596",
"CVE-2021-35597",
"CVE-2021-35602",
"CVE-2021-35604",
"CVE-2021-35607",
"CVE-2021-35608",
"CVE-2021-35610",
"CVE-2021-35612",
"CVE-2021-35622",
"CVE-2021-35623",
"CVE-2021-35624",
"CVE-2021-35625",
"CVE-2021-35626",
"CVE-2021-35627",
"CVE-2021-35628",
"CVE-2021-35630",
"CVE-2021-35631",
"CVE-2021-35632",
"CVE-2021-35633",
"CVE-2021-35634",
"CVE-2021-35635",
"CVE-2021-35636",
"CVE-2021-35637",
"CVE-2021-35638",
"CVE-2021-35639",
"CVE-2021-35640",
"CVE-2021-35641",
"CVE-2021-35642",
"CVE-2021-35643",
"CVE-2021-35644",
"CVE-2021-35645",
"CVE-2021-35646",
"CVE-2021-35647",
"CVE-2021-35648",
"CVE-2021-36222",
"CVE-2022-21278",
"CVE-2022-21297",
"CVE-2022-21352"
);
script_xref(name:"IAVA", value:"2021-A-0487-S");
script_name(english:"MySQL 8.0.x < 8.0.27 Multiple Vulnerabilities (Oct 2021 CPU)");
script_set_attribute(attribute:"synopsis", value:
"The remote database server is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of MySQL running on the remote host is 8.0.x prior to 8.0.27. It is, therefore, affected by multiple
vulnerabilities, including the following, as noted in the October 2021 Critical Patch Update advisory:
- A vulnerability in the OpenSSL component that can result in a takeover of the MySQL server.
(CVE-2021-3711)
- An easily exploitable vulnerability in the Kerberos component of MySQL server that allows an
unauthenticated, remote attacker to affect availability. (CVE-2021-36222)
- An easily exploitable vulnerability in the cURL component that allows an unauthenticated, remote attacker
to affect the availability of the MySQL Server. (CVE-2021-22926)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpuoct2021.html#AppendixMSQL");
script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL");
script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/a/tech/docs/cpuoct2021cvrf.xml");
script_set_attribute(attribute:"solution", value:
"Upgrade to MySQL version 8.0.27 or later.");
script_set_attribute(attribute:"agent", value:"all");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-3711");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2021/07/22");
script_set_attribute(attribute:"patch_publication_date", value:"2021/10/19");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/10/20");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:mysql");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Databases");
script_copyright(english:"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("mysql_version.nasl", "mysql_login.nasl", "mysql_version_local.nasl", "mysql_win_installed.nbin", "macosx_mysql_installed.nbin");
script_require_keys("installed_sw/MySQL Server");
exit(0);
}
include('vcf_extras_mysql.inc');
var app_info = vcf::mysql::combined_get_app_info();
var constraints = [{ 'min_version' : '8.0', 'fixed_version' : '8.0.27'}];
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22926
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2478
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2479
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2481
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35546
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35575
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35577
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35591
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35596
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35597
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35602
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35604
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35607
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35608
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35610
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35612
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35622
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35623
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35624
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35625
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35626
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35627
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35628
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35630
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35631
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35632
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35633
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35634
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35635
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35636
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35637
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35638
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35639
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35640
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35641
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35642
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35643
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35644
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35645
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35646
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35647
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35648
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21278
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21297
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21352
www.oracle.com/a/tech/docs/cpuoct2021cvrf.xml
www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL
www.oracle.com/security-alerts/cpuoct2021.html#AppendixMSQL
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
94.0%