Oracle MySQL 安全漏洞

🗓️ 16 Jul 2024 00:00:00Reported by China National Vulnerability Database of Information SecurityType

cnnvd

cnnvd🔗 www.cnnvd.org.cn👁 6 Views

Oracle MySQL Server 存在安全漏洞，可能导致未授权创建、删除或修改数据，以及数据访问中断和频繁崩溃。

Reporter	Title	Published	Views	Family All 91
Tenable Nessus	Azure Linux 3.0 Security Update: mysql (CVE-2024-21166)	10 Feb 202500:00	–	nessus
Tenable Nessus	CBL Mariner 2.0 Security Update: mysql (CVE-2024-21166)	23 Oct 202400:00	–	nessus
Tenable Nessus	Oracle MySQL Server 8.0.x < 8.0.37 (January 2025 CPU)	19 Apr 202400:00	–	nessus
Tenable Nessus	Oracle MySQL Server 8.x < 8.4.0 (July 2024 CPU)	19 Apr 202400:00	–	nessus
Tenable Nessus	Photon OS 5.0: Mysql PHSA-2024-5.0-0335	30 Jul 202400:00	–	nessus
Tenable Nessus	TencentOS Server 4: mysql (TSSA-2024:0671)	16 Jun 202500:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2024-21166	5 Mar 202500:00	–	nessus
BDU FSTEC	The vulnerability of the InnoDB component in the Oracle MySQL Server database management system allows a hacker to gain unauthorized access for reading, creating, modifying, and deleting data, or to cause service failures.	1 Nov 202400:00	–	bdu_fstec
CBLMariner	CVE-2024-21166 affecting package mysql for versions less than 8.0.40-1	23 Oct 202400:47	–	cbl_mariner
CBLMariner	CVE-2024-21166 affecting package mysql for versions less than 8.0.40-1	25 Oct 202419:50	–	cbl_mariner

Source	Link
oracle	www.oracle.com/security-alerts/cpujul2024.html
cxsecurity	www.cxsecurity.com/cveshow/CVE-2024-21166/
vigilance	www.vigilance.fr/vulnerability/Oracle-MySQL-vulnerabilities-of-July-2024-44771

31 Dec 2025 00:00Current

6.1Medium risk

Vulners AI Score6.1

CVSS 3.15.9

EPSS0.003

SSVC

Oracle MySQL 安全漏洞未授权访问数据修改数据删除数据中断拒绝服务服务器崩溃