CVE-2024-21008

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*

History

25 Mar 2025, 20:15

Type Values Removed Values Added
CWE CWE-400

27 Nov 2024, 16:35

Type Values Removed Values Added
First Time Netapp
Netapp oncommand Insight
Oracle
Oracle mysql Server
Netapp active Iq Unified Manager
Netapp snapcenter
Netapp oncommand Workflow Automation
CWE NVD-CWE-noinfo
References () https://security.netapp.com/advisory/ntap-20240426-0013/ - () https://security.netapp.com/advisory/ntap-20240426-0013/ - Third Party Advisory
References () https://www.oracle.com/security-alerts/cpuapr2024.html - () https://www.oracle.com/security-alerts/cpuapr2024.html - Vendor Advisory
CPE cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*

21 Nov 2024, 08:53

Type Values Removed Values Added
References () https://security.netapp.com/advisory/ntap-20240426-0013/ - () https://security.netapp.com/advisory/ntap-20240426-0013/ -
References () https://www.oracle.com/security-alerts/cpuapr2024.html - () https://www.oracle.com/security-alerts/cpuapr2024.html -

26 Apr 2024, 09:15

Type Values Removed Values Added
References
  • () https://security.netapp.com/advisory/ntap-20240426-0013/ -

17 Apr 2024, 12:48

Type Values Removed Values Added
New CVE

Information

Published : 2024-04-16 22:15

Updated : 2025-03-25 20:15


NVD link : CVE-2024-21008

Mitre link : CVE-2024-21008

CVE.ORG link : CVE-2024-21008


JSON object : View

Products Affected

netapp

  • active_iq_unified_manager
  • oncommand_workflow_automation
  • oncommand_insight
  • snapcenter

oracle

  • mysql_server
CWE
NVD-CWE-noinfo CWE-400

Uncontrolled Resource Consumption