CVE-2024-21096

Summary

CVE-2024-21096 is a vulnerability impacting Oracle MySQL's mysqldump component in versions 8.0.36 and prior, as well as 8.3.0 and prior. An unauthenticated attacker with access to the infrastructure where MySQL Server runs can exploit this difficulty-to-exploit issue, leading to unauthorized data manipulation or partial denial of service. Consequences include unauthorized updates, inserts, or deletes, as well as unauthorized read access to a portion of the MySQL Server data. The Base Score, according to CVSS 3.1, is 4.9 (Confidentiality, Integrity, and Availability impacts). The vulnerability can be exploited without authentication (AV:L), has high attack complexity (AC:H), requires no user interaction (PR:N), and has network, user data, and system availability impacts (S:U/C:L/I:L/A:L).

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.