Rewterz

Multiple Oracle Products Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-21162 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21176 CVSS:5.3

An unspecified vulnerability in Oracle MySQL Server related to the Server: Thread Pooling component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21165 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Pluggable Auth component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21127 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: DDL component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21179 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the InnoDB component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21125 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: FTS component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21137 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21142 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Security: Privileges component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-20996 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the InnoDB component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21130 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21129 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the Server: DDL component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21159 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the InnoDB component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21173 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the InnoDB component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21185 CVSS:4.9

An unspecified vulnerability in Oracle MySQL Server related to the InnoDB component could allow a remote authenticated attacker to cause high availability impact.

CVE-2024-21170 CVSS:6.3

An unspecified vulnerability in Oracle MySQL Server related to the InnoDB component could allow a remote authenticated attacker to cause high availability impact.

Impact

  • Denial of Service

Indicators of Compromise

CVE

  • CVE-2024-21162
  • CVE-2024-21176
  • CVE-2024-21165
  • CVE-2024-21127
  • CVE-2024-21179
  • CVE-2024-21125
  • CVE-2024-21137
  • CVE-2024-21142
  • CVE-2024-20996
  • CVE-2024-21130
  • CVE-2024-21129
  • CVE-2024-21159
  • CVE-2024-21173
  • CVE-2024-21185
  • CVE-2024-21170

Affected Vendors

Oracle

Affected Products

  • Oracle MySQL Server 8.2.0
  • Oracle MySQL Server 8.0.37
  • Oracle MySQL Server 8.4.0
  • Oracle MySQL Server 8.4.1
  • Oracle MySQL Server 9.0.0
  • Oracle MySQL Connectors 8.4.0

Remediation

Refer to the Oracle Critical Patch Update Advisory for patch, upgrade, or suggested workaround information.

Oracle Critical Patch Update Advisory