CVE-2024-21243
CVSS 3.1 Score 2.2 of 10 (low)
Details
Summary
CVE-2024-21243 is a vulnerability found in Oracle MySQL Server, specifically impacting versions 8.4.2 and earlier, as well as 9.0.1 and earlier, within the Telemetry component. This vulnerability allows a high-privileged attacker with network access to potentially gain unauthorized read access to some data within the MySQL Server environment. Although the base severity is classified as low, with a CVSS score of 2.2, the complexity of exploitation is considered high, requiring significant privileges and presenting minimal risk of detection. To remediate this issue, organizations are advised to update their MySQL Server installations to versions beyond the affected releases. If successfully exploited, this vulnerability poses a confidentiality risk but does not impact data integrity or availability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.