CVE-2021-35602: 
MySQL vulnerability analysis and mitigation

CVE-2021-35602 is a vulnerability in the MySQL Server product, specifically affecting the Server: Options component. The vulnerability affects MySQL Server versions 8.0.26 and prior. This difficult to exploit vulnerability allows high privileged attackers with network access via multiple protocols to compromise MySQL Server (NVD, Oracle CPU).

The vulnerability has a CVSS Base Score of 5.0 (Medium) with the following vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H. This indicates that the vulnerability requires network access, is difficult to exploit (high complexity), requires high privileges, needs no user interaction, has unchanged scope, with no impact on confidentiality, low impact on integrity, and high impact on availability (NetApp Security).

Successful exploitation of this vulnerability could result in unauthorized modification access to some MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server (Oracle CPU).

Oracle has released patches to address this vulnerability in MySQL version 8.0.27. Users are strongly recommended to update to this version or later. The fix is available through various distribution channels including Ubuntu, Fedora, and Red Hat (Ubuntu Notice, Oracle CPU).