CVE-2024-21008

CVSS 3.1 Score 4.4 of 10 (medium)

Details

Published Apr 16, 2024
Updated: Apr 26, 2024

Summary

CVE-2024-21008 is a vulnerability affecting Oracle MySQL Server versions 8.0.36 and prior, as well as 8.3.0 and prior. This issue lies within the Optimizer component and is classified as difficult to exploit. A high privileged attacker with network access can take advantage of this flaw, potentially leading to a denial-of-service condition. Successful exploitation can result in a MySQL Server hang or frequent crashes, significantly impacting system availability. The Base Score, according to the Common Vulnerability Scoring System (CVSS), is 4.4. The CVSS Vector is: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • MySQL
  • MySQL Server

Affected Vendors

  • BonqDAO
  • MySQL AB