CVE-2024-20978
CVSS 3.1 Score 4.9 of 10 (medium)
Details
Published Feb 17, 2024
Updated: Mar 1, 2024
Summary
CVE-2024-20978 is a vulnerability affecting Oracle MySQL Server versions 8.0.35 and prior, as well as 8.2.0 and prior. This issue lies within the Optimizer component and is classified as easily exploitable. A high privileged attacker with network access can exploit this vulnerability, leading to a denial-of-service condition. Consequences include causing a hang or frequent crashes in MySQL Server, resulting in significant availability impacts. The CVSS Base Score is 4.9, and the vulnerability vector is (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- MySQL
- Oracle MySQL Server
Affected Vendors
- BonqDAO