CVE-2024-20996
CVSS 3.1 Score 4.9 of 10 (medium)
Details
Summary
CVE-2024-20996 is a newly identified vulnerability affecting the InnoDB component of Oracle MySQL Server. Versions 8.0.37 and prior, as well as 8.4.0 and prior, are considered vulnerable. This issue enables high-privileged attackers with network access to exploit the system via multiple protocols. Successfully exploited vulnerabilities can lead to a denial-of-service (DoS) condition, causing the MySQL Server to hang or crash repeatedly. The CVSS Base Score for this vulnerability is 4.9, with a high level of privilege required for an attacker (PR:H) and no user interaction needed (UI:N).
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Oracle MySQL Server
- MySQL Server
Affected Vendors
- MySQL AB
- BonqDAO