CVE-2024-20985

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Jan 16, 2024

Updated: Feb 2, 2024

Summary

CVE-2024-20985 is a vulnerability affecting Oracle MySQL Server versions 8.0.35 and prior, as well as 8.2.0 and prior. This issue lies within the UDF (User Defined Function) component, making it easily exploitable for low-privileged attackers with network access. The successful exploitation of this vulnerability can lead to a denial-of-service (DoS) condition, causing the MySQL Server to hang or crash repeatedly. The Common Vulnerability Scoring System (CVSS) Base Score for this vulnerability is 6.5, with a significant impact on server availability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MySQL

Affected Vendors

BonqDAO

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uKy7Pn
https://www.cve.org/CVERecord?id=CVE-2024-20985
https://nvd.nist.gov/vuln/detail/CVE-2024-20985

Back to Vulnerability Database