CVE-2024-21241

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Oct 15, 2024

Summary

CVE-2024-21241 is a vulnerability affecting Oracle MySQL Server, specifically in the Optimizer component, with supported versions 8.0.39 and prior, 8.4.2 and prior, and 9.0.1 and prior being impacted. This easily exploitable vulnerability allows a high-privileged attacker with network access to compromise the MySQL Server, potentially leading to unauthorized denial-of-service (DoS) attacks that can cause server hangs or frequent crashes. The CVSS 3.1 Base Score for this vulnerability is 4.9, indicating a medium severity level primarily impacting availability without affecting confidentiality or integrity. To remediate this vulnerability, organizations should upgrade their MySQL Server installations to versions beyond the vulnerable ones specified by Oracle's security alerts. Failure to address this issue could lead to significant disruptions in service and operational downtime for affected systems within an organization.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share