CVE-2024-21238

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Oct 15, 2024

Summary

CVE-2024-21238 is a vulnerability affecting Oracle MySQL Server, specifically in the Thread Pooling component of versions 8.0.39 and earlier, 8.4.1 and earlier, and 9.0.1 and earlier. This vulnerability can be exploited by low-privileged attackers with network access using various protocols, allowing them to potentially cause the MySQL Server to hang or crash, resulting in a denial of service (DoS). The CVSS 3.1 base score for this vulnerability is 5.3, indicating a medium severity level with significant availability impact. To remediate this issue, organizations should upgrade to the latest supported version of MySQL Server as recommended by Oracle's security alerts. Failure to address this vulnerability could lead to service disruptions, impacting business operations reliant on database functionality.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share