CVE-2021-2179: 
MySQL vulnerability analysis and mitigation

CVE-2021-2179 is a vulnerability in the MySQL Server product of Oracle MySQL, specifically affecting the Server: Group Replication Plugin component. The vulnerability was disclosed on April 22, 2021, affecting MySQL versions 5.7.33 and prior, and 8.0.23 and prior. This security flaw requires a high-privileged attacker with network access via multiple protocols to compromise MySQL Server (NVD).

The vulnerability has been assigned a CVSS v3.1 Base Score of 4.9 (Medium severity) with the following vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H. The attack requires network access and high privileges but is considered low complexity and requires no user interaction. The scope is unchanged, with no impact on confidentiality or integrity, but has a high impact on availability (Oracle Advisory).

Successful exploitation of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash, leading to a complete denial of service (DoS) of MySQL Server. The vulnerability specifically impacts the availability of the system while maintaining no direct impact on confidentiality or integrity (NVD).

Oracle has released patches to address this vulnerability in MySQL versions after 5.7.33 and 8.0.23. Users are strongly advised to upgrade to the latest version. For NetApp products affected by this vulnerability, patches are available through various version updates including Active IQ Unified Manager, OnCommand Insight, OnCommand Workflow Automation, and SnapCenter (NetApp Advisory).

The vulnerability was included in multiple security advisories from major vendors including Oracle, NetApp, and Red Hat. It was also addressed in Fedora's security updates for versions 32, 33, and 34 of their community-mysql packages (Fedora Update).