Multiple Oracle Products Vulnerabilities
April 22, 2024Multiple IBM Aspera Vulnerabilities
April 22, 2024Multiple Oracle Products Vulnerabilities
April 22, 2024Multiple IBM Aspera Vulnerabilities
April 22, 2024Severity
Medium
Analysis Summary
CVE-2024-21062 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21096 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Client: mysqldump component could allow a local attacker to cause low confidentiality impact, low integrity impact and low availability impact.
CVE-2024-21051 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: DML component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21069 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: DDL component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21053 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: DML component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21054 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21102 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: Thread Pooling component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21052 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: DML component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21087 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: Group Replication Plugin component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-20993 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-20998 CVSS:4.4
An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21055 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21057 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21060 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: Data Dictionary component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21049 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: DML component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-20994 CVSS:5.3
An unspecified vulnerability in Oracle MySQL Server related to the Server: Information Schema component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21008 CVSS:4.4
An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21013 CVSS:4.4
An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
Impact
- Denial of Service
- Gain Access
Indicators of Compromise
CVE
- CVE-2024-21062
- CVE-2024-21096
- CVE-2024-21051
- CVE-2024-21069
- CVE-2024-21053
- CVE-2024-21054
- CVE-2024-21102
- CVE-2024-21052
- CVE-2024-21087
- CVE-2024-20993
- CVE-2024-20998
- CVE-2024-21055
- CVE-2024-21057
- CVE-2024-21060
- CVE-2024-21049
- CVE-2024-20994
- CVE-2024-21008
- CVE-2024-21013
Affected Vendors
Affected Products
- Oracle MySQL Server 8.0.35
- Oracle MySQL Server 8.2.0
- Oracle MySQL Server 8.0.36
- Oracle MySQL Server 8.3.0
Remediation
Refer to Oracle Critical Patch Update Advisory for patch, upgrade or suggested workaround information.