CVE-2024-21165

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Jul 16, 2024

Updated: Jul 17, 2024

Summary

CVE-2024-21165 is a vulnerability affecting Oracle MySQL Server versions 8.0.37 and earlier. This issue, located in the Pluggable Auth component, is classified as easily exploitable. A high privileged attacker with network access can leverage this vulnerability to induce a hang or frequent crash of the MySQL Server, resulting in a Denial of Service (DoS) attack. The Base Score of this vulnerability is 4.9, with a CVSS Vector of (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MySQL

Affected Vendors

BonqDAO

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/xDiQob
https://www.cve.org/CVERecord?id=CVE-2024-21165
https://nvd.nist.gov/vuln/detail/CVE-2024-21165

Back to Vulnerability Database