CVE-2024-21241
CVSS 3.1 Score 4.9 of 10 (medium)
Details
Summary
CVE-2024-21241 is a vulnerability in the Optimizer component of Oracle MySQL Server. The affected supported versions are 8.0.39 and prior, 8.4.2 and prior, and 9.0.1 and prior. The vulnerability is easily exploitable and allows a high-privileged attacker with network access to compromise MySQL Server. Successful attacks can result in an unauthorized denial of service (DoS) that causes the server to hang or crash frequently. The CVSS 3.1 Base Score is 4.9, a medium severity level, primarily affecting availability with no impact on confidentiality or integrity. To remediate this vulnerability, organizations should upgrade their MySQL Server installations to versions beyond the vulnerable ones specified in Oracle's security alerts. Left unaddressed, the issue could lead to significant service disruption and operational downtime for affected systems within an organization.