← Zuruck zu CVEs
CVE-2024-21102
MEDIUM4.9
Beschreibung
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE Details
CVSS v3.1 Bewertung4.9
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienHIGH
BenutzerinteraktionNONE
Veroffentlicht4/16/2024
Zuletzt geandert12/6/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
netapp:active_iq_unified_managernetapp:oncommand_insightnetapp:oncommand_workflow_automationnetapp:snapcenteroracle:mysql
Referenzen
https://security.netapp.com/advisory/ntap-20240426-0013/(secalert_us@oracle.com)
https://security.netapp.com/advisory/ntap-20240426-0015/(secalert_us@oracle.com)
https://www.oracle.com/security-alerts/cpuapr2024.html(secalert_us@oracle.com)
https://security.netapp.com/advisory/ntap-20240426-0013/(af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20240426-0015/(af854a3a-2127-422b-91ae-364da2661108)
https://www.oracle.com/security-alerts/cpuapr2024.html(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.