CVE-2024-21057

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Apr 16, 2024

Updated: Jul 3, 2024

CWE ID 400

Summary

CVE-2024-21057 is a new vulnerability affecting the Optimizer component in Oracle MySQL Server versions 8.0.35 and below. This issue allows high-privileged attackers with network access to cause a hang or frequently repeatable crash of MySQL Server through multiple protocols. Successfully exploiting this vulnerability can lead to a Denial of Service (DoS) attack, with a CVSS Base Score of 4.9 for Availability impacts. The CVSS Vector is (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MySQL Server

Affected Vendors

MySQL AB

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/vblQ0b
https://www.cve.org/CVERecord?id=CVE-2024-21057
https://nvd.nist.gov/vuln/detail/CVE-2024-21057

Back to Vulnerability Database