Lucene search

K

GoogleOSV:CVE-2024-20971

HistoryJan 16, 2024 - 10:15 p.m.

CVE-2024-20971

2024-01-1622:15:44

Google

osv.dev

17

mysql

oracle

vulnerability

exploitable

CVSS3

4.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

AI Score

5.8

Confidence

High

EPSS

0

Percentile

13.3%

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

References

security.netapp.com/advisory/ntap-20240201-0003/

www.oracle.com/security-alerts/cpujan2024.html

CVSS3

4.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

AI Score

5.8

Confidence

High

EPSS

0

Percentile

13.3%

Related for OSV:CVE-2024-20971

cve1 osv4 redhatcve1 cvelist1 cnvd1 prion1 ubuntucve1 debiancve1 nvd1 cbl_mariner1 nessus15 fedora1 openvas4 f51 ubuntu1 photon3 ibm1 almalinux2 oraclelinux2 redhat3 hp1 oracle1