Vulnerability identifier: #VU57510

Vulnerability risk: Medium

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2021-2471

CWE-ID: CWE-20

Exploitation vector: Network

Exploits in database: 3

• October 24, 2021
  • CVE-2021-2471 () [Github]
  • CVE-2021-2471 (PoC for CVE-2021-2471 - XXE in MySQL Connector/J) [Github]
  • jdbc-sqlxml-xxe (h2-jdbc(https://github.com/h2database/h2database/issues/3195) & mysql-jdbc(CVE-2021-2471) SQLXML XXE vulnerability reproduction.) [Github]

Vulnerable software:
MySQL Connectors
Hardware solutions / Drivers

Vendor: Oracle