{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2023 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2021-2352","title":"Title"},{"category":"description","text":"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2021-2352","url":"https://www.suse.com/security/cve/CVE-2021-2352"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1188549 for CVE-2021-2352","url":"https://bugzilla.suse.com/1188549"}],"title":"SUSE CVE CVE-2021-2352","tracking":{"current_release_date":"2023-02-15T03:49:59Z","generator":{"date":"2023-02-15T03:49:59Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2021-2352","initial_release_date":"2023-02-15T03:49:59Z","revision_history":[{"date":"2023-02-15T03:49:59Z","number":"2","summary":"Current version"}],"status":"interim","version":"2"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Module for Server Applications 15 SP4","product":{"name":"SUSE Linux Enterprise Module for Server Applications 15 SP4","product_id":"SUSE Linux Enterprise Module for Server Applications 15 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-server-applications:15:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Server Applications 15 SP4","product":{"name":"SUSE Linux Enterprise Module for Server Applications 15 SP4","product_id":"SUSE Linux Enterprise Module for Server Applications 15 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-server-applications:15:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Server Applications 15 SP4","product":{"name":"SUSE Linux Enterprise Module for Server Applications 15 SP4","product_id":"SUSE Linux Enterprise Module for Server Applications 15 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-server-applications:15:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Server Applications 15 SP4","product":{"name":"SUSE Linux Enterprise Module for Server Applications 15 SP4","product_id":"SUSE Linux Enterprise Module for Server Applications 15 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-server-applications:15:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Server Applications 15 SP4","product":{"name":"SUSE Linux Enterprise Module for Server Applications 15 SP4","product_id":"SUSE Linux Enterprise Module for Server Applications 15 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-server-applications:15:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Server Applications 15 SP4","product":{"name":"SUSE Linux Enterprise Module for Server Applications 15 SP4","product_id":"SUSE Linux Enterprise Module for Server Applications 15 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-server-applications:15:sp4"}}},{"category":"product_version","name":"libmariadbd-devel","product":{"name":"libmariadbd-devel","product_id":"libmariadbd-devel"}},{"category":"product_version","name":"libmariadbd19","product":{"name":"libmariadbd19","product_id":"libmariadbd19"}},{"category":"product_version","name":"mariadb","product":{"name":"mariadb","product_id":"mariadb","product_identification_helper":{"cpe":"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*"}}},{"category":"product_version","name":"mariadb-client","product":{"name":"mariadb-client","product_id":"mariadb-client"}},{"category":"product_version","name":"mariadb-errormessages","product":{"name":"mariadb-errormessages","product_id":"mariadb-errormessages"}},{"category":"product_version","name":"mariadb-tools","product":{"name":"mariadb-tools","product_id":"mariadb-tools"}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"libmariadbd-devel as component of SUSE Linux Enterprise Module for Server Applications 15 SP4","product_id":"SUSE Linux Enterprise Module for Server Applications 15 SP4:libmariadbd-devel"},"product_reference":"libmariadbd-devel","relates_to_product_reference":"SUSE Linux Enterprise Module for Server Applications 15 SP4"},{"category":"default_component_of","full_product_name":{"name":"libmariadbd19 as component of SUSE Linux Enterprise Module for Server Applications 15 SP4","product_id":"SUSE Linux Enterprise Module for Server Applications 15 SP4:libmariadbd19"},"product_reference":"libmariadbd19","relates_to_product_reference":"SUSE Linux Enterprise Module for Server Applications 15 SP4"},{"category":"default_component_of","full_product_name":{"name":"mariadb as component of SUSE Linux Enterprise Module for Server Applications 15 SP4","product_id":"SUSE Linux Enterprise Module for Server Applications 15 SP4:mariadb"},"product_reference":"mariadb","relates_to_product_reference":"SUSE Linux Enterprise Module for Server Applications 15 SP4"},{"category":"default_component_of","full_product_name":{"name":"mariadb-client as component of SUSE Linux Enterprise Module for Server Applications 15 SP4","product_id":"SUSE Linux Enterprise Module for Server Applications 15 SP4:mariadb-client"},"product_reference":"mariadb-client","relates_to_product_reference":"SUSE Linux Enterprise Module for Server Applications 15 SP4"},{"category":"default_component_of","full_product_name":{"name":"mariadb-errormessages as component of SUSE Linux Enterprise Module for Server Applications 15 SP4","product_id":"SUSE Linux Enterprise Module for Server Applications 15 SP4:mariadb-errormessages"},"product_reference":"mariadb-errormessages","relates_to_product_reference":"SUSE Linux Enterprise Module for Server Applications 15 SP4"},{"category":"default_component_of","full_product_name":{"name":"mariadb-tools as component of SUSE Linux Enterprise Module for Server Applications 15 SP4","product_id":"SUSE Linux Enterprise Module for Server Applications 15 SP4:mariadb-tools"},"product_reference":"mariadb-tools","relates_to_product_reference":"SUSE Linux Enterprise Module for Server Applications 15 SP4"}]},"vulnerabilities":[{"cve":"CVE-2021-2352","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-2352"}],"notes":[{"category":"general","text":"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).","title":"Vulnerability description"}],"product_status":{"known not affected":["SUSE Linux Enterprise Module for Server Applications 15 SP4:libmariadbd-devel","SUSE Linux Enterprise Module for Server Applications 15 SP4:libmariadbd19","SUSE Linux Enterprise Module for Server Applications 15 SP4:mariadb","SUSE Linux Enterprise Module for Server Applications 15 SP4:mariadb-client","SUSE Linux Enterprise Module for Server Applications 15 SP4:mariadb-errormessages","SUSE Linux Enterprise Module for Server Applications 15 SP4:mariadb-tools"]},"references":[{"category":"external","summary":"CVE-2021-2352","url":"https://www.suse.com/security/cve/CVE-2021-2352"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1188549 for CVE-2021-2352","url":"https://bugzilla.suse.com/1188549"}],"threats":[{"category":"impact","date":"2021-07-20T21:02:54Z","details":"moderate"}],"title":"CVE-2021-2352"}]}