Multiple Oracle Complex, Maintenance, Repair, and Overhaul Vulnerabilities
April 20, 2024Multiple Microsoft Products Vulnerabilities
April 20, 2024Multiple Oracle Complex, Maintenance, Repair, and Overhaul Vulnerabilities
April 20, 2024Multiple Microsoft Products Vulnerabilities
April 20, 2024Severity
Medium
Analysis Summary
CVE-2024-21061 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: Audit Plug-in component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21047 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the InnoDB component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21056 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: DML component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21015 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: DML component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21009 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21050 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: DML component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-20974 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-20972 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-20970 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-20982 CVSS;4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-20962 CVSS:5.3
An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-20966 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: Security: Privileges component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-20984 CVSS:4.4
An unspecified vulnerability in Oracle MySQL Server related to the Server : Security : Firewall component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-20978 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-20964 CVSS:5.3
An unspecified vulnerability in Oracle MySQL Server related to the Server: Security: Privileges component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-20976 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-20960 CVSS:6.5
An unspecified vulnerability in Oracle v related to the Server: RAPID component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-20968 CVSS:4.4
An unspecified vulnerability in Oracle MySQL Server related to the Server: Options component could allow a remote authenticated attacker to cause high availability impact.
Impact
- Denial of Service
Indicators of Compromise
CVE
- CVE-2024-21061
- CVE-2024-21047
- CVE-2024-21056
- CVE-2024-21015
- CVE-2024-21009
- CVE-2024-21050
- CVE-2024-20974
- CVE-2024-20972
- CVE-2024-20970
- CVE-2024-20982
- CVE-2024-20962
- CVE-2024-20966
- CVE-2024-20984
- CVE-2024-20978
- CVE-2024-20964
- CVE-2024-20976
- CVE-2024-20960
- CVE-2024-20968
Affected Vendors
Affected Products
- Oracle MySQL Server 8.0.35
- Oracle MySQL Server 8.2.0
- Oracle MySQL Server 8.0.36
- Oracle MySQL Server 8.3.0
Remediation
Refer to Oracle Critical Patch Update Advisory for patch, upgrade or suggested workaround information.