CVE-2024-21157

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Jul 16, 2024

Updated: Jul 17, 2024

Summary

CVE-2024-21157 is a newly identified vulnerability affecting the InnoDB component of Oracle MySQL versions 8.0.36 and prior, as well as 8.4.0 and prior. This issue is classified as easily exploitable, enabling high privileged network attackers to cause a denial-of-service (DoS) on targeted MySQL Servers. The result of a successful exploit includes frequent crashes or server hangs, leading to significant availability impacts. The Base Score is 4.9, with CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MySQL
Oracle MySQL Server
MySQL Server

Affected Vendors

BonqDAO
MySQL AB

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/xDiQoD
https://www.cve.org/CVERecord?id=CVE-2024-21157
https://nvd.nist.gov/vuln/detail/CVE-2024-21157

Back to Vulnerability Database