CVE-2024-21201

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Oct 15, 2024

Summary

CVE-2024-21201 is a vulnerability in the MySQL Server product of Oracle MySQL, in the Server: Optimizer component. Supported versions that are affected include 8.0.39 and prior, 8.4.2 and prior, and 9.0.1 and prior. The vulnerability is easily exploitable by a high-privileged attacker with network access and can lead to denial-of-service (DoS) conditions through frequent crashes or hangs of the MySQL Server. The CVSS 3.1 Base Score is 4.9, indicating medium severity, with significant availability impact but no integrity or confidentiality impact. The attack requires low complexity and no user interaction, which adds to the risk for organizations running vulnerable versions of MySQL Server. To remediate this issue, organizations should upgrade to a MySQL Server release later than the affected versions listed above.
