CVE-2024-21230

Summary

CVE-2024-21230 is a vulnerability affecting Oracle MySQL Server, specifically in the Server: Optimizer component, impacting versions 8.0.39 and prior, 8.4.2 and prior, and 9.0.1 and prior. This easily exploitable vulnerability allows low-privileged attackers with network access to cause the MySQL Server to hang or crash, leading to a denial-of-service (DoS) condition. The CVSS 3.1 Base Score for this vulnerability is 6.5, indicating a medium severity level with high availability impact and low attack complexity. To remediate this issue, it is recommended that organizations upgrade their MySQL Server installations to versions beyond those specified as affected. Failure to address this vulnerability may result in significant service disruptions for organizations relying on MySQL databases.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.