Oracle MySQL Server: CVE-2024-20982 (Critical)

2024-11-27

:

This article describes a critical vulnerability (CVE-2024-20982) affecting Oracle MySQL Server versions 8.0.35 and prior, as well as 8.2.0 and prior. A high-privileged attacker with network access can exploit this vulnerability to cause a Denial-of-Service (DoS) attack, making the MySQL server unavailable.

Vulnerability Details:

Platform: Oracle MySQL Server
Version: 8.0.35 and prior, 8.2.0 and prior (all versions before these are vulnerable)
Vulnerability: Improper handling within the Optimizer component
Severity: Critical (CVSS 3.1 Base Score: 4.9)
Date: Published: February 16, 2024, Last Modified: November 27, 2024

What Undercode Says:

This is a critical vulnerability that can be easily exploited.
Update your MySQL server to a patched version as soon as possible to mitigate the risk.

Avoid granting unnecessary network access to users.

Note: Undercode did not generate any additional comments for this article.

References:

Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com

Image Source:

OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.helpFeatured Image

Scroll to Top