CVE-2024-21239
CVSS 3.1 Score 4.9 of 10 (medium)
Details
Summary
CVE-2024-21239 is a vulnerability affecting Oracle MySQL Server, specifically in the InnoDB component, with supported versions 8.0.39 and earlier, 8.4.2 and earlier, and 9.0.1 and earlier being at risk. The vulnerability allows a high-privileged attacker to exploit the MySQL Server over network protocols, leading to potential denial-of-service (DoS) attacks by causing the server to hang or crash repeatedly. The CVSS 3.1 base score for this vulnerability is 4.9, indicating a medium severity level with high availability impact but no integrity or confidentiality risks. To remediate this issue, it is recommended that affected organizations update their MySQL Server installations to versions beyond those specified as vulnerable. Failure to address this vulnerability could result in significant disruptions to database services within an organization’s infrastructure.
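A version triage check for the affected ranges listed above, as an added example (not code from Oracle or from the original page). The status labels, function names and sample inventory are constructed for illustration, and a vendor build suffix is assumed not to change the upstream version number.

```python
import re

# Last affected release per branch, taken from the summary above.
LAST_AFFECTED = {(8, 0): 39, (8, 4): 2, (9, 0): 1}
VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)")


def triage(version_string):
    """Classify the output of SELECT VERSION() against the listed ranges.

    Returns 'affected', 'above-range' or 'unknown' (hypothetical labels).
    """
    if "mariadb" in version_string.lower():
        return "unknown"  # different product; the page covers Oracle MySQL only
    match = VERSION_RE.match(version_string)
    if match is None:
        return "unknown"  # unparseable: check by hand rather than guess
    major, minor, patch = (int(part) for part in match.groups())
    last = LAST_AFFECTED.get((major, minor))
    if last is None:
        return "unknown"  # branch not named in the summary
    return "affected" if patch <= last else "above-range"


def report(inventory):
    """Group a {host: version_string} mapping by triage status."""
    groups = {"affected": [], "above-range": [], "unknown": []}
    for host, version in sorted(inventory.items()):
        groups[triage(version)].append(host)
    return groups


# Constructed sample inventory (hostnames and versions are illustrative).
SAMPLE = {
    "db-01": "8.0.39-0ubuntu0.22.04.1",
    "db-02": "8.0.40",
    "db-03": "8.4.2",
    "db-04": "9.0.1-commercial",
    "db-05": "5.7.44-log",
    "db-06": "10.11.6-MariaDB",
}

if __name__ == "__main__":
    for status, hosts in report(SAMPLE).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```

Hosts reported as `unknown` run a branch or product the summary does not name and need a manual check against the vendor advisory.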