CVE-2024-21096

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Apr 16, 2024
Updated: Jun 18, 2024

Summary

CVE-2024-21096 is a vulnerability impacting Oracle MySQL's mysqldump component in versions 8.0.36 and prior, as well as 8.3.0 and prior. An unauthenticated attacker with access to the infrastructure where MySQL Server runs can exploit this difficulty-to-exploit issue, leading to unauthorized data manipulation or partial denial of service. Consequences include unauthorized updates, inserts, or deletes, as well as unauthorized read access to a portion of the MySQL Server data. The Base Score, according to CVSS 3.1, is 4.9 (Confidentiality, Integrity, and Availability impacts). The vulnerability can be exploited without authentication (AV:L), has high attack complexity (AC:H), requires no user interaction (PR:N), and has network, user data, and system availability impacts (S:U/C:L/I:L/A:L).

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2024-21096 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
  • Gain complete coverage of your cyber, third party, and physical attack surface
  • Proactively mitigate threats before they turn into costly attacks
  • Make fast, effective, data-driven decisions