vulnerability
Oracle MySQL Vulnerability: CVE-2024-21272
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
9 | (AV:N/AC:M/Au:S/C:C/I:C/A:C) | Oct 15, 2024 | Oct 24, 2024 | Jan 28, 2025 |
Severity
9
CVSS
(AV:N/AC:M/Au:S/C:C/I:C/A:C)
Published
Oct 15, 2024
Added
Oct 24, 2024
Modified
Jan 28, 2025
Description
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 9.0.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).
Solution
mysql-upgrade-latest

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.