Lucene search

F5F5:K000140399

HistoryJul 22, 2024 - 12:00 a.m.

K000140399: MySQL vulnerabilities CVE-2024-21130, CVE-2024-21142, CVE-2024-21166, and CVE-2024-21185

2024-07-2200:00:00

my.f5.com

mysql server

oracle mysql

vulnerabilities

unauthorized access

denial of service

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H

JSON

Security Advisory Description

CVE-2024-21130

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CVE-2024-21142

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CVE-2024-21166

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.9 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H).

CVE-2024-21185

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.38, 8.4.1 and 9.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Impact

There is no impact; F5 products are not affected by this vulnerability.

Affected configurations

Vulners

Node

f5big-ip_nextMatch20.0.0

f5big-ip_nextMatch20.0.1

f5big-ip_nextMatch20.0.2

f5big-ip_nextMatch20.0.x

f5big-ip_nextMatch20.1.0

f5big-ip_nextMatch20.1.1

f5big-ip_nextMatch20.1.x

f5big-ip_nextMatch20.2.0

f5big-ip_nextMatch20.2.1

f5big-ip_nextMatch20.2.x

f5big-ip_nextMatch20.x.x

f5big-ip_nextMatch1.1.0

f5big-ip_nextMatch1.1.1

f5big-ip_nextMatch1.2.0

f5big-ip_nextMatch1.2.1

f5big-ip_nextMatch1.3.0

f5big-ip_dnsMatch1.1.0

f5big-ip_dnsMatch1.1.1

f5big-ip_dnsMatch1.2.0

f5big-ip_dnsMatch1.2.1

f5big-ip_dnsMatch1.3.0

f5big-ip_nextMatch1.1.0

f5big-ip_nextMatch1.1.1

f5big-ip_nextMatch1.2.0

f5big-ip_nextMatch1.2.1

f5big-ip_nextMatch1.3.0

f5big-ip_ltmMatch20.1.0

f5big-ip_ltmMatch20.2.0

f5big-ip_ltmMatch20.2.1

f5big-ip_nextMatch1.7.0

f5big-ip_nextMatch1.7.1

f5big-ip_nextMatch1.7.2

f5big-ip_nextMatch1.7.3

f5big-ip_nextMatch1.7.4

f5big-ip_nextMatch1.7.5

f5big-ip_nextMatch1.7.6

f5big-ip_nextMatch1.7.7

f5big-ip_nextMatch1.7.8

f5big-ip_nextMatch1.7.9

f5big-ip_nextMatch1.8.0

f5big-ip_nextMatch1.8.2

f5big-ip_nextMatch1.9.0

f5big-ip_nextMatch1.9.1

f5big-ip_nextMatch1.9.2

f5big-ip_nextMatch20.1.0

f5big-ip_nextMatch20.2.0

f5big-ip_nextMatch20.2.1

f5big-ipMatch15.1.0

f5big-ipMatch15.1.1

f5big-ipMatch15.1.10

f5big-ipMatch15.1.2

f5big-ipMatch15.1.3

f5big-ipMatch15.1.4

f5big-ipMatch15.1.5

f5big-ipMatch15.1.6

f5big-ipMatch15.1.7

f5big-ipMatch15.1.8

f5big-ipMatch15.1.9

f5big-ip_afmMatch15.1.0

f5big-ip_afmMatch15.1.1

f5big-ip_afmMatch15.1.10

f5big-ip_afmMatch15.1.2

f5big-ip_afmMatch15.1.3

f5big-ip_afmMatch15.1.4

f5big-ip_afmMatch15.1.5

f5big-ip_afmMatch15.1.6

f5big-ip_afmMatch15.1.7

f5big-ip_afmMatch15.1.8

f5big-ip_afmMatch15.1.9

f5big-ip_afmMatch16.1.0

f5big-ip_afmMatch16.1.1

f5big-ip_afmMatch16.1.2

f5big-ip_afmMatch16.1.3

f5big-ip_afmMatch16.1.4

f5big-ip_afmMatch17.1.0

f5big-ip_afmMatch17.1.1

f5big-ip_analyticsMatch15.1.0

f5big-ip_analyticsMatch15.1.1

f5big-ip_analyticsMatch15.1.10

f5big-ip_analyticsMatch15.1.2

f5big-ip_analyticsMatch15.1.3

f5big-ip_analyticsMatch15.1.4

f5big-ip_analyticsMatch15.1.5

f5big-ip_analyticsMatch15.1.6

f5big-ip_analyticsMatch15.1.7

f5big-ip_analyticsMatch15.1.8

f5big-ip_analyticsMatch15.1.9

f5big-ip_analyticsMatch16.1.0

f5big-ip_analyticsMatch16.1.1

f5big-ip_analyticsMatch16.1.2

f5big-ip_analyticsMatch16.1.3

f5big-ip_analyticsMatch16.1.4

f5big-ip_analyticsMatch17.1.0

f5big-ip_analyticsMatch17.1.1

f5big-ip_apmMatch15.1.0

f5big-ip_apmMatch15.1.1

f5big-ip_apmMatch15.1.10

f5big-ip_apmMatch15.1.2

f5big-ip_apmMatch15.1.3

f5big-ip_apmMatch15.1.4

f5big-ip_apmMatch15.1.5

f5big-ip_apmMatch15.1.6

f5big-ip_apmMatch15.1.7

f5big-ip_apmMatch15.1.8

f5big-ip_apmMatch15.1.9

f5big-ip_apmMatch16.1.0

f5big-ip_apmMatch16.1.1

f5big-ip_apmMatch16.1.2

f5big-ip_apmMatch16.1.3

f5big-ip_apmMatch16.1.4

f5big-ip_apmMatch17.1.0

f5big-ip_apmMatch17.1.1

f5big-ip_asmMatch15.1.0

f5big-ip_asmMatch15.1.1

f5big-ip_asmMatch15.1.10

f5big-ip_asmMatch15.1.2

f5big-ip_asmMatch15.1.3

f5big-ip_asmMatch15.1.4

f5big-ip_asmMatch15.1.5

f5big-ip_asmMatch15.1.6

f5big-ip_asmMatch15.1.7

f5big-ip_asmMatch15.1.8

f5big-ip_asmMatch15.1.9

f5big-ip_asmMatch16.1.0

f5big-ip_asmMatch16.1.1

f5big-ip_asmMatch16.1.2

f5big-ip_asmMatch16.1.3

f5big-ip_asmMatch16.1.4

f5big-ip_asmMatch17.1.0

f5big-ip_asmMatch17.1.1

f5big-ip_dnsMatch15.1.0

f5big-ip_dnsMatch15.1.1

f5big-ip_dnsMatch15.1.10

f5big-ip_dnsMatch15.1.2

f5big-ip_dnsMatch15.1.3

f5big-ip_dnsMatch15.1.4

f5big-ip_dnsMatch15.1.5

f5big-ip_dnsMatch15.1.6

f5big-ip_dnsMatch15.1.7

f5big-ip_dnsMatch15.1.8

f5big-ip_dnsMatch15.1.9

f5big-ip_dnsMatch16.1.0

f5big-ip_dnsMatch16.1.1

f5big-ip_dnsMatch16.1.2

f5big-ip_dnsMatch16.1.3

f5big-ip_dnsMatch16.1.4

f5big-ip_dnsMatch17.1.0

f5big-ip_dnsMatch17.1.1

f5big-ipMatch15.1.0

f5big-ipMatch15.1.1

f5big-ipMatch15.1.10

f5big-ipMatch15.1.2

f5big-ipMatch15.1.3

f5big-ipMatch15.1.4

f5big-ipMatch15.1.5

f5big-ipMatch15.1.6

f5big-ipMatch15.1.7

f5big-ipMatch15.1.8

f5big-ipMatch15.1.9

f5big-ipMatch16.1.0

f5big-ipMatch16.1.1

f5big-ipMatch16.1.2

f5big-ipMatch16.1.3

f5big-ipMatch16.1.4

f5big-ipMatch17.1.0

f5big-ipMatch17.1.1

f5big-ip_link_controllerMatch15.1.10

f5big-ip_link_controllerMatch15.1.7

f5big-ip_link_controllerMatch15.1.8

f5big-ip_link_controllerMatch15.1.9

f5big-ip_link_controllerMatch16.1.0

f5big-ip_link_controllerMatch16.1.1

f5big-ip_link_controllerMatch16.1.2

f5big-ip_link_controllerMatch16.1.3

f5big-ip_link_controllerMatch16.1.4

f5big-ip_link_controllerMatch17.1.0

f5big-ip_link_controllerMatch17.1.1

f5big-ip_ltmMatch15.1.0

f5big-ip_ltmMatch15.1.1

f5big-ip_ltmMatch15.1.10

f5big-ip_ltmMatch15.1.2

f5big-ip_ltmMatch15.1.3

f5big-ip_ltmMatch15.1.4

f5big-ip_ltmMatch15.1.5

f5big-ip_ltmMatch15.1.6

f5big-ip_ltmMatch15.1.7

f5big-ip_ltmMatch15.1.8

f5big-ip_ltmMatch15.1.9

f5big-ip_ltmMatch16.1.0

f5big-ip_ltmMatch16.1.1

f5big-ip_ltmMatch16.1.2

f5big-ip_ltmMatch16.1.3

f5big-ip_ltmMatch16.1.4

f5big-ip_ltmMatch17.1.0

f5big-ip_ltmMatch17.1.1

f5big-ip_pemMatch15.1.0

f5big-ip_pemMatch15.1.1

f5big-ip_pemMatch15.1.10

f5big-ip_pemMatch15.1.2

f5big-ip_pemMatch15.1.3

f5big-ip_pemMatch15.1.4

f5big-ip_pemMatch15.1.5

f5big-ip_pemMatch15.1.6

f5big-ip_pemMatch15.1.7

f5big-ip_pemMatch15.1.8

f5big-ip_pemMatch15.1.9

f5big-ip_pemMatch16.1.0

f5big-ip_pemMatch16.1.1

f5big-ip_pemMatch16.1.2

f5big-ip_pemMatch16.1.3

f5big-ip_pemMatch16.1.4

f5big-ip_pemMatch17.1.0

f5big-ip_pemMatch17.1.1

f5nginx_agentMatch2.17.0

f5nginx_agentMatch2.18.0

f5nginx_agentMatch2.19.0

f5nginx_agentMatch2.20.0

f5nginx_agentMatch2.20.1

f5nginx_agentMatch2.22.0

f5nginx_agentMatch2.22.1

f5nginx_agentMatch2.23.0

f5nginx_agentMatch2.23.1

f5nginx_agentMatch2.23.2

f5nginx_agentMatch2.23.3

f5nginx_agentMatch2.24.0

f5nginx_agentMatch2.24.1

f5nginx_agentMatch2.25.0

f5nginx_agentMatch2.25.1

f5nginx_agentMatch2.26.0

f5nginx_agentMatch2.26.1

f5nginx_agentMatch2.26.2

f5nginx_agentMatch2.27.0

f5nginx_agentMatch2.28.0

f5nginx_agentMatch2.28.1

f5nginx_agentMatch2.29.0

f5nginx_agentMatch2.30.0

f5nginx_agentMatch2.30.1

f5nginx_agentMatch2.30.2

f5nginx_agentMatch2.30.3

f5nginx_agentMatch2.31.0

f5nginx_agentMatch2.31.1

f5nginx_agentMatch2.31.2

f5nginx_agentMatch2.32.0

f5nginx_agentMatch2.32.1

f5nginx_agentMatch2.32.2

f5nginx_agentMatch2.33.0

f5nginx_agentMatch2.34.0

f5nginx_agentMatch2.34.1

f5nginx_agentMatch2.35.0

f5nginx_agentMatch2.35.1

f5nginx_agentMatch2.36.0

f5nginx_agentMatch2.36.1

f5nginx_api_connectivity_managerMatch1.0.0

f5nginx_api_connectivity_managerMatch1.1.0

f5nginx_api_connectivity_managerMatch1.1.1

f5nginx_api_connectivity_managerMatch1.2.0

f5nginx_api_connectivity_managerMatch1.3.0

f5nginx_api_connectivity_managerMatch1.3.1

f5nginx_api_connectivity_managerMatch1.4.0

f5nginx_api_connectivity_managerMatch1.4.1

f5nginx_api_connectivity_managerMatch1.5.0

f5nginx_api_connectivity_managerMatch1.6.0

f5nginx_api_connectivity_managerMatch1.7.0

f5nginx_api_connectivity_managerMatch1.8.0

f5nginx_api_connectivity_managerMatch1.9.0

f5nginx_api_connectivity_managerMatch1.9.1

f5nginx_api_connectivity_managerMatch1.9.2

f5nginx_app_protectMatch2.4.0

f5nginx_app_protectMatch3.0.0

f5nginx_app_protectMatch3.1.0

f5nginx_app_protectMatch4.0.1

f5nginx_app_protectMatch4.1.0

f5nginx_app_protectMatch4.2.0

f5nginx_app_protectMatch4.3.0

f5nginx_app_protectMatch4.4.0

f5nginx_app_protectMatch3.11.0

f5nginx_app_protectMatch3.12.1

f5nginx_app_protectMatch3.12.2

f5nginx_app_protectMatch4.0.0

f5nginx_app_protectMatch4.1.0

f5nginx_app_protectMatch4.10.0

f5nginx_app_protectMatch4.2.0

f5nginx_app_protectMatch4.3.0

f5nginx_app_protectMatch4.4.0

f5nginx_app_protectMatch4.5.0

f5nginx_app_protectMatch4.6.0

f5nginx_app_protectMatch4.7.0

f5nginx_app_protectMatch4.8.0

f5nginx_app_protectMatch4.8.1

f5nginx_app_protectMatch4.9.0

f5nginx_app_protectMatch5.0.0

f5nginx_app_protectMatch5.1.0

f5nginx_app_protectMatch5.2.0

f5nginx_controllerMatch3.18.3

f5nginx_controllerMatch3.19.1-apim

f5nginx_controllerMatch3.19.2-apim

f5nginx_controllerMatch3.19.3-apim

f5nginx_controllerMatch3.19.4-apim

f5nginx_controllerMatch3.19.5-apim

f5nginx_controllerMatch3.19.6-apim

f5nginx_controllerMatch3.20.0

f5nginx_controllerMatch3.20.1

f5nginx_controllerMatch3.21.0

f5nginx_controllerMatch3.22.0

f5nginx_controllerMatch3.22.1

f5nginx_controllerMatch3.22.2

f5nginx_controllerMatch3.22.3

f5nginx_controllerMatch3.22.4

f5nginx_controllerMatch3.22.5

f5nginx_controllerMatch3.22.6

f5nginx_controllerMatch3.22.7

f5nginx_controllerMatch3.22.8

f5nginx_controllerMatch3.22.9

f5nginx_ingress_controllerMatch1.12.5

f5nginx_ingress_controllerMatch2.2.1

f5nginx_ingress_controllerMatch2.2.2

f5nginx_ingress_controllerMatch2.3.0

f5nginx_ingress_controllerMatch2.4.0

f5nginx_ingress_controllerMatch2.4.1

f5nginx_ingress_controllerMatch2.4.2

f5nginx_ingress_controllerMatch3.0.0

f5nginx_ingress_controllerMatch3.0.1

f5nginx_ingress_controllerMatch3.0.2

f5nginx_ingress_controllerMatch3.1.0

f5nginx_ingress_controllerMatch3.1.1

f5nginx_ingress_controllerMatch3.2.0

f5nginx_ingress_controllerMatch3.2.1

f5nginx_ingress_controllerMatch3.3.0

f5nginx_ingress_controllerMatch3.3.1

f5nginx_ingress_controllerMatch3.4.0

f5nginx_ingress_controllerMatch3.4.1

f5nginx_ingress_controllerMatch3.4.2

f5nginx_ingress_controllerMatch3.5.0

f5nginx_ingress_controllerMatch3.5.1

f5nginx_ingress_controllerMatch3.5.2

f5nginx_ingress_controllerMatch3.6.0

f5nginx_instance_managerMatch2.10.0

f5nginx_instance_managerMatch2.10.1

f5nginx_instance_managerMatch2.11.0

f5nginx_instance_managerMatch2.12.0

f5nginx_instance_managerMatch2.13.0

f5nginx_instance_managerMatch2.13.1

f5nginx_instance_managerMatch2.14.0

f5nginx_instance_managerMatch2.14.1

f5nginx_instance_managerMatch2.15.0

f5nginx_instance_managerMatch2.15.1

f5nginx_instance_managerMatch2.16.0

f5nginx_instance_managerMatch2.17.0

f5nginx_instance_managerMatch2.3.1

f5nginx_instance_managerMatch2.4.0

f5nginx_instance_managerMatch2.5.0

f5nginx_instance_managerMatch2.5.1

f5nginx_instance_managerMatch2.6.0

f5nginx_instance_managerMatch2.7.0

f5nginx_instance_managerMatch2.8.0

f5nginx_instance_managerMatch2.9.0

f5nginx_instance_managerMatch2.9.1

f5nginx_security_monitoringMatch1.0.0

f5nginx_security_monitoringMatch1.1.0

f5nginx_security_monitoringMatch1.2.0

f5nginx_security_monitoringMatch1.3.0

f5nginx_security_monitoringMatch1.4.0

f5nginx_security_monitoringMatch1.5.0

f5nginx_security_monitoringMatch1.6.0

f5nginx_security_monitoringMatch1.7.0

f5nginx_security_monitoringMatch1.7.1

f5nginxMatchr27plus

f5nginxMatchr28plus

f5nginxMatchr29plus

f5nginxMatchr30plus

f5nginxMatchr31plus

f5nginxMatchr32plus

f5nginx_service_meshMatch1.1.0

f5nginx_service_meshMatch1.2.0

f5nginx_service_meshMatch1.2.1

f5nginx_service_meshMatch1.3.0

f5nginx_service_meshMatch1.3.1

f5nginx_service_meshMatch1.4.0

f5nginx_service_meshMatch1.4.1

f5nginx_service_meshMatch1.5.0

f5nginx_service_meshMatch1.6.0

f5nginx_service_meshMatch1.7.0

f5nginx_service_meshMatch2.0.0

f5nginxMatch1.27.0

f5nginxMatch1.28.0

f5nginxMatch1.29.0

f5nginxMatch1.30.0

f5nginxMatch1.31.0

f5nginxMatch1.31.1

f5nginxMatch1.32.0

f5nginxMatch1.32.1

f5f5os-aMatch1.5.1

f5f5os-aMatch1.5.2

f5f5os-aMatch1.7.0

f5f5os-cMatch1.6.0

f5f5os-cMatch1.6.1

f5f5os-cMatch1.6.2

f5big-iq_centralized_managementMatch8.2.0

f5big-iq_centralized_managementMatch8.3.0

f5big-ip_ddos_hybrid_defenderMatch15.1.0

f5big-ip_ddos_hybrid_defenderMatch15.1.1

f5big-ip_ddos_hybrid_defenderMatch16.1.0

f5big-ip_ddos_hybrid_defenderMatch17.1.0

f5ssl_orchestratorMatch15.1.0

f5ssl_orchestratorMatch15.1.1

f5ssl_orchestratorMatch15.1.9

f5ssl_orchestratorMatch16.1.0

f5ssl_orchestratorMatch16.1.1

f5ssl_orchestratorMatch16.1.3

f5ssl_orchestratorMatch16.1.4

f5ssl_orchestratorMatch17.1.0

f5ssl_orchestratorMatch17.1.1

f5traffix_signaling_delivery_controllerMatch5.1.0

f5traffix_signaling_delivery_controllerMatch5.2.0

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H

JSON

Related for F5:K000140399