CVE-2024-20996

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Jul 16, 2024
Updated: Jul 17, 2024

Summary

CVE-2024-20996 is a newly identified vulnerability affecting the InnoDB component of Oracle MySQL Server. Versions 8.0.37 and prior, as well as 8.4.0 and prior, are considered vulnerable. This issue enables high-privileged attackers with network access to exploit the system via multiple protocols. Successfully exploited vulnerabilities can lead to a denial-of-service (DoS) condition, causing the MySQL Server to hang or crash repeatedly. The CVSS Base Score for this vulnerability is 4.9, with a high level of privilege required for an attacker (PR:H) and no user interaction needed (UI:N).

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Oracle MySQL Server
  • MySQL Server

Affected Vendors

  • MySQL AB
  • BonqDAO