CVE-2024-21101

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-21101
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.5.33 and prior, 7.6.29 and prior, 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data. CVSS 3.1 Base Score 2.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N).

2.2 /10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 0.7 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://security.netapp.com/advisory/ntap-20240426-0015/
https://www.oracle.com/security-alerts/cpuapr2024.html
Configurations

No configuration.

History

26 Apr 2024, 09:15

Type Values Removed Values Added
References
  • () https://security.netapp.com/advisory/ntap-20240426-0015/ -

17 Apr 2024, 12:48

Type Values Removed Values Added
Summary
  • (es) Vulnerabilidad en el producto MySQL Cluster de Oracle MySQL (componente: Cluster: General). Las versiones compatibles que se ven afectadas son 7.5.33 y anteriores, 7.6.29 y anteriores, 8.0.36 y anteriores y 8.3.0 y anteriores. Una vulnerabilidad difícil de explotar permite que un atacante con altos privilegios y acceso a la red a través de múltiples protocolos comprometa MySQL Cluster. Los ataques exitosos a esta vulnerabilidad pueden resultar en acceso de lectura no autorizado a un subconjunto de datos accesibles de MySQL Cluster. CVSS 3.1 Puntaje base 2.2 (Impactos en la confidencialidad). Vector CVSS: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N).

16 Apr 2024, 22:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-04-16 22:15

Updated : 2024-04-26 09:15

NVD link : CVE-2024-21101

Mitre link : CVE-2024-21101

CVE.ORG link : CVE-2024-21101

JSON object : View

Products Affected

No product.

CWE

No CWE.