Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Client accessible data as well as unauthorized read access to a subset of MySQL Client accessible data. CVSS 3.1 Base Score 3.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N).
Metrics
Affected Vendors & Products
References
History
Fri, 22 Nov 2024 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Sat, 19 Oct 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | mysql: From CVEorg collector | mysql: mysqldump unspecified vulnerability (CPU Oct 2024) |
Thu, 17 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 16 Oct 2024 21:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Oracle mysql
|
|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* cpe:2.3:a:oracle:mysql:9.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:mysql:9.0.1:*:*:*:*:*:*:* |
|
Vendors & Products |
Oracle mysql
|
Wed, 16 Oct 2024 01:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | mysql: From CVEorg collector | |
References |
| |
Metrics |
threat_severity
|
threat_severity
|
Tue, 15 Oct 2024 20:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Client accessible data as well as unauthorized read access to a subset of MySQL Client accessible data. CVSS 3.1 Base Score 3.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N). | |
First Time appeared |
Oracle
Oracle mysql Client Oracle mysql Cluster |
|
CPEs | cpe:2.3:a:oracle:mysql_client:8.0.39_and_prior:*:*:*:*:*:*:* cpe:2.3:a:oracle:mysql_client:8.4.2_and_prior:*:*:*:*:*:*:* cpe:2.3:a:oracle:mysql_client:9.0.1_and_prior:*:*:*:*:*:*:* cpe:2.3:a:oracle:mysql_cluster:7.5.35_and_prior:*:*:*:*:*:*:* cpe:2.3:a:oracle:mysql_cluster:7.6.31_and_prior:*:*:*:*:*:*:* cpe:2.3:a:oracle:mysql_cluster:8.0.39_and_prior:*:*:*:*:*:*:* cpe:2.3:a:oracle:mysql_cluster:8.4.2_and_prior:*:*:*:*:*:*:* cpe:2.3:a:oracle:mysql_cluster:9.0.1_and_prior:*:*:*:*:*:*:* |
|
Vendors & Products |
Oracle
Oracle mysql Client Oracle mysql Cluster |
|
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: oracle
Published: 2024-10-15T19:52:50.451Z
Updated: 2024-11-01T17:03:08.477Z
Reserved: 2023-12-07T22:28:10.700Z
Link: CVE-2024-21247
Vulnrichment
Updated: 2024-11-01T17:03:08.477Z
NVD
Status : Modified
Published: 2024-10-15T20:15:14.513
Modified: 2024-11-21T08:54:00.773
Link: CVE-2024-21247
Redhat