Synced 17 Jun 2026 22:27 UTC Account
← All products

CVE-2024-21232

LOW severity · CVSS 2.2 · Uncontrolled resource consumption
2.2CVSS LOW

Summary

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L).

Impact & exploitability

Attack vectorNetwork
Attack complexityHigh
Privileges requiredHigh
User interactionNone
Confidentiality impactNone
Integrity impactNone
Availability impactLow
Exploit probability (EPSS)1%

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L

Affected products we track (1)

MySQL

Recommendation

Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.

Official patch: https://www.oracle.com/security-alerts/cpuoct2024.html ↗

Additional information