CVE-2024-20981

Summary

CVE-2024-20981 is a vulnerability in the MySQL Server product of Oracle MySQL. It affects versions 8.0.35 and prior, as well as 8.2.0 and prior. This vulnerability can be easily exploited by a high privileged attacker with network access through multiple protocols, allowing them to compromise the MySQL Server. Successful attacks can result in unauthorized ability to cause a hang or frequently repeatable crash of the server, leading to a denial-of-service (DOS) situation. The CVSS 3.1 Base Score for this vulnerability is 4.9, indicating medium severity with availability impacts. A patch or update from Oracle is required to remediate this vulnerability. Affected Products: tkNmD_, Z3R9gD, tkNmD-, Z2nole, r6Wi6e, r6Wi6f, lYKMY2, kTfW5V, YLUeA1, mYigth, YLUeA0, YLUeAz, YLUeAy, YLUeAx, YLUeAw, ejS_sg, dfvGVU, r6Wi6g, r6Wi6h, r6Wi6i, f2uUhN Remediation: Apply the latest patch or update provided by Oracle MySQL to fix the vulnerability. Potential Danger: The vulnerability allows attackers to compromise the MySQL server and potentially cause a denial-of-service situation by crashing or hanging the server repeatedly. This can have significant consequences for organizations relying on MySQL for their database management and can disrupt their operations until the issue is resolved.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.