CVE-2021-2308: 
MySQL vulnerability analysis and mitigation

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema) affecting versions 8.0.23 and prior. This easily exploitable vulnerability allows high privileged attackers with network access via multiple protocols to compromise MySQL Server (Oracle Advisory, NetApp Advisory).

The vulnerability has a CVSS 3.1 Base Score of 2.7 (Low) with the following vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N. The attack requires network access and high privileges but has low attack complexity and requires no user interaction. The scope is unchanged, with only confidentiality having a low impact while integrity and availability are not affected (Oracle Advisory).

Successful exploitation of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. The impact is limited to confidentiality, with no impact on system integrity or availability (Oracle Advisory, NetApp Advisory).

Oracle has released security patches to address this vulnerability. Users should upgrade to the latest version of MySQL Server. For specific products like OnCommand Workflow Automation, OnCommand Unified Manager, and SnapCenter Server, the MySQL software can be upgraded as specified in the product documentation (NetApp Advisory).