CVE-2021-2162: 
MySQL vulnerability analysis and mitigation

CVE-2021-2162 is a vulnerability in the MySQL Server product of Oracle MySQL, specifically affecting the Server: Audit Plug-in component. The affected versions are MySQL 5.7.33 and prior, and 8.0.23 and prior. This vulnerability was disclosed on April 22, 2021, as part of Oracle's Critical Patch Update (Oracle CPU).

The vulnerability has a CVSS 3.1 Base Score of 4.3 (Medium severity) with the following vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N. The vulnerability is easily exploitable and requires low attack complexity with network access via multiple protocols. The attack requires low privilege level and no user interaction (Oracle CPU, NVD).

Successful exploitation of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. The vulnerability only affects data integrity, with no impact on confidentiality or availability (Oracle CPU).

Oracle has released patches to address this vulnerability in MySQL versions. Users should upgrade to MySQL version 5.7.34 or 8.0.25 or later versions. Ubuntu users can update to mysql-server-8.0 version 8.0.25-0ubuntu0.20.04.1 for Ubuntu 20.04, or mysql-server-5.7 version 5.7.34-0ubuntu0.18.04.1 for Ubuntu 18.04 (Ubuntu Notice).