June 4, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Middle East Threat Landscape Report 2024
July 23, 2024
Multiple Juniper Networks Products Vulnerabilities
July 23, 2024
Middle East Threat Landscape Report 2024
July 23, 2024
Multiple Juniper Networks Products Vulnerabilities
July 23, 2024
Severity
Medium
Analysis Summary
CVE-2024-21163 CVSS:5.5
An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21166 CVSS:5.9
An unspecified vulnerability in Oracle MySQL Server related to the InnoDB component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21135 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21177 CVSS:6.5
An unspecified vulnerability in Oracle MySQL Server related to the Cluster: General component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21134 CVSS:4.3
An unspecified vulnerability in Oracle MySQL Server related to the Server: Connection Handling component could allow a remote authenticated attacker to cause low availability impact.
CVE-2024-21155 CVSS:4.7
An unspecified vulnerability in Oracle ZFS Storage Appliance Kit related to the User Interface component could allow a remote attacker to cause low confidentiality impact.
CVE-2024-21171 CVSS:6.5
An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21160 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the InnoDB component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21157 CVSS:4.9
An unspecified vulnerability in Oracle MySQL Server related to the InnoDB component could allow a remote authenticated attacker to cause high availability impact.
CVE-2024-21126 CVSS:5.8
An unspecified vulnerability in Oracle Database Server related to the Oracle Database Portable Clusterware component could allow a remote attacker to cause a low availability impact.
CVE-2024-21132 CVSS:5.4
An unspecified vulnerability in Oracle Purchasing related to the Approvals component could allow a remote authenticated attacker to cause low confidentiality and low integrity impacts.
Impact
- Denial of Service
- Information Disclosure
- Gain Access
Indicators of Compromise
CVE
- CVE-2024-21163
- CVE-2024-21166
- CVE-2024-21135
- CVE-2024-21177
- CVE-2024-21134
- CVE-2024-21155
- CVE-2024-21171
- CVE-2024-21160
- CVE-2024-21157
- CVE-2024-21126
- CVE-2024-21132
Affected Vendors
Oracle
Affected Products
- Oracle MySQL Server 8.0.36
- Oracle MySQL Server 8.3.0
- Oracle Database 19.3
- Oracle Database 21.3 Enterprise
- Oracle Database 19.23
- Oracle MySQL Server 8.0.37
- Oracle MySQL Server 8.4.0
- Oracle ZFS Storage Appliance Kit 8.8
- Oracle Database 21.14
- Oracle Purchasing 12.2.3
- Oracle Purchasing 12.2.13
Remediation
Refer to Oracle Critical Patch Update Advisory, upgrade or suggested workaround information.
