CVE-2024-21166

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Published Jul 16, 2024

Updated: Aug 1, 2024

CWE ID 285

Summary

CVE-2024-21166 is a vulnerability affecting Oracle MySQL's InnoDB component. Affected versions include 8.0.36 and prior, as well as 8.3.0 and prior. This issue allows high-privileged attackers with network access to compromise the MySQL Server via multiple protocols. Successful exploitation can result in unauthorized data modification, including critical data, or a complete denial-of-service through server crashes. The base score on the Common Vulnerability Scoring System is 5.9, with both integrity and availability impacts.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Oracle MySQL Server
MySQL
MySQL Server

Affected Vendors

BonqDAO
MySQL AB

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/xDiQn5
https://www.cve.org/CVERecord?id=CVE-2024-21166
https://nvd.nist.gov/vuln/detail/CVE-2024-21166

Back to Vulnerability Database