CVE-2024-21009

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Apr 16, 2024
Updated: Apr 26, 2024

Summary

CVE-2024-21009 is a vulnerability affecting Oracle MySQL Server versions 8.0.36 and prior, as well as 8.3.0 and prior. This issue, which lies within the Optimizer component, is classified as easily exploitable and allows high privileged attackers with network access to cause a hang or frequent crash of the MySQL Server. The impact of successful attacks includes denial-of-service (DoS) capabilities, leading to a CVSS 3.1 Base Score of 4.9. Attackers can exploit this vulnerability through multiple protocols, making it crucial for users to apply patches or upgrades as soon as possible.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • MySQL
  • MySQL Server

Affected Vendors

  • BonqDAO
  • MySQL AB