CVE-2024-20960

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Feb 17, 2024

Updated: Feb 20, 2024

Summary

CVE-2024-20960 is a vulnerability affecting Oracle MySQL Server versions 8.0.35 and prior, as well as 8.2.0 and prior. This easily exploitable issue allows a low-privileged attacker with network access to compromise the server via multiple protocols. Successful exploitation can lead to a hang or frequently repeatable crash (DoS) of MySQL Server, resulting in significant availability impacts. The Base Score is 6.5 (Availability). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MySQL Server
Oracle MySQL Server

Affected Vendors

MySQL AB
BonqDAO

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uKy7Pj
https://www.cve.org/CVERecord?id=CVE-2024-20960
https://nvd.nist.gov/vuln/detail/CVE-2024-20960

Back to Vulnerability Database