Analysis Summary

CVE-2024-21062 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21096 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Client: mysqldump component could allow a local attacker to cause low confidentiality impact, low integrity impact and low availability impact.

CVE-2024-21051 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: DML component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21069 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: DDL component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21053 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: DML component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21054 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21102 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Thread Pooling component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21052 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: DML component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21087 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Group Replication Plugin component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-20993 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-20998 CVSS:4.4

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21055 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21057 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21060 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Data Dictionary component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21049 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: DML component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-20994 CVSS:5.3

An unspecified vulnerability in Oracle MySQL Server related to the Server: Information Schema component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21008 CVSS:4.4

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21013 CVSS:4.4

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

Impact

• Denial of Service
• Gain Access

Indicators of Compromise

CVE

• CVE-2024-21062
• CVE-2024-21096
• CVE-2024-21051
• CVE-2024-21069
• CVE-2024-21053
• CVE-2024-21054
• CVE-2024-21102
• CVE-2024-21052
• CVE-2024-21087
• CVE-2024-20993
• CVE-2024-20998
• CVE-2024-21055
• CVE-2024-21057
• CVE-2024-21060
• CVE-2024-21049
• CVE-2024-20994
• CVE-2024-21008
• CVE-2024-21013

Affected Vendors

Remediation

Refer to Oracle Critical Patch Update Advisory for patch, upgrade or suggested workaround information. 

Oracle Critical Patch Update Advisory