Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2024-21000

Опубликовано: 16 апр. 2024
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 3.8

Описание

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 3.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N).

РелизСтатусПримечание
devel

not-affected

mysql only
esm-apps/noble

not-affected

mysql only
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

not-affected

mysql only
noble

not-affected

mysql only
oracular

not-affected

mysql only
plucky

not-affected

mysql only
upstream

not-affected

mysql only

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/xenial

not-affected

mysql only
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

oracular

DNE

plucky

DNE

upstream

not-affected

mysql only

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/bionic

not-affected

mysql only
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

oracular

DNE

plucky

DNE

upstream

not-affected

mysql only

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/focal

not-affected

mysql only
focal

ignored

end of standard support, was ignored [no more upstream support]
jammy

DNE

mantic

DNE

noble

DNE

oracular

DNE

plucky

DNE

upstream

not-affected

mysql only

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/jammy

not-affected

mysql only
esm-infra/focal

DNE

focal

DNE

jammy

not-affected

mysql only
mantic

DNE

noble

DNE

oracular

DNE

plucky

DNE

upstream

not-affected

mysql only

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

ignored

see notes
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

oracular

DNE

plucky

DNE

trusty/esm

ignored

end of ESM support, was ignored [see notes]

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

needs-triage

esm-infra/focal

DNE

esm-infra/xenial

ignored

see notes
focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

oracular

DNE

plucky

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

not-affected

8.0.37-0ubuntu0.20.04.3
focal

released

8.0.37-0ubuntu0.20.04.3
jammy

released

8.0.37-0ubuntu0.22.04.3
mantic

released

8.0.37-0ubuntu0.23.10.2
noble

released

8.0.37-0ubuntu0.24.04.1
oracular

not-affected

8.0.37-1
plucky

DNE

upstream

released

8.0.37

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/xenial

needs-triage

esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

oracular

DNE

plucky

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/xenial

needs-triage

esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

oracular

DNE

plucky

DNE

upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 33%
0.00125
Низкий

3.8 Low

CVSS3

Связанные уязвимости

redhat логотип

CVE-2024-21000

CVSS3: 3.8
redhat
около 1 года назад

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 3.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N).

nvd логотип

CVE-2024-21000

CVSS3: 3.8
nvd
около 1 года назад

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 3.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N).

debian логотип

CVE-2024-21000

CVSS3: 3.8
debian
около 1 года назад

Vulnerability in the MySQL Server product of Oracle MySQL (component: ...

github логотип

GHSA-jfv3-gh3j-c5r7

CVSS3: 3.8
github
около 1 года назад

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 3.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N).

fstec логотип

BDU:2024-03421

CVSS3: 3.8
fstec
около 1 года назад

Уязвимость компонента Server: Security: Privileges системы управления базами данных Oracle MySQL Server, позволяющая нарушителю получить несанкционированный доступ на чтение, добавление, изменение или удаление защищаемой информации

EPSS

Процентиль: 33%
0.00125
Низкий

3.8 Low

CVSS3

Уязвимость CVE-2024-21000