CVE-2024-20963 in MySQL Server
Summary
by MITRE • 01/17/2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Analysis
by VulDB Data Team • 05/08/2025
The vulnerability identified as CVE-2024-20963 represents a critical availability threat within Oracle MySQL Server's encryption subsystem. This weakness resides in the Server: Security: Encryption component of the database system, affecting versions 8.0.35 and earlier, as well as 8.2.0 and earlier releases. The flaw demonstrates characteristics that make it particularly dangerous as it can be exploited by attackers with minimal privileges who possess network access through various protocols, indicating a broad attack surface that extends across multiple communication channels. The vulnerability's classification as easily exploitable underscores the severity of the threat, as it requires no special circumstances or advanced techniques for successful exploitation, making it accessible to a wide range of potential threat actors.
The technical nature of this vulnerability involves a flaw in how MySQL Server handles encryption operations, specifically within its security mechanisms that govern data protection. When exploited, the vulnerability enables attackers to cause complete denial of service conditions by inducing hangs or creating frequently repeatable crashes within the MySQL Server process. This behavior results in a comprehensive system outage that prevents legitimate users from accessing database services, effectively rendering the database infrastructure non-operational. The attack vector operates through network protocols, meaning that adversaries can leverage this weakness from remote locations without requiring physical access to the server infrastructure, which significantly increases the attack surface and potential impact.
The operational impact of CVE-2024-20963 extends beyond simple service disruption to encompass complete system unavailability, which can have cascading effects throughout enterprise environments that depend on MySQL database services. Organizations utilizing affected MySQL versions face substantial risk of business interruption, data access denial, and potential revenue loss due to extended downtime periods. The CVSS 3.1 base score of 6.5 reflects the moderate severity of the availability impact, though the complete denial of service condition represents a significant operational concern that can affect mission-critical applications. The vulnerability's potential to cause repeated crashes indicates that even a single successful exploitation attempt could result in prolonged system instability requiring manual intervention and system restarts.
Security professionals should consider this vulnerability in the context of established frameworks such as CWE (Common Weakness Enumeration) which categorizes this as a weakness related to encryption implementation flaws, specifically within the cryptographic system. The ATT&CK framework would classify this vulnerability under the T1499.004 technique for "Network Denial of Service" or potentially T1566 for "Phishing" if exploitation involves initial access through social engineering. Organizations should implement immediate mitigations including applying the latest Oracle security patches, implementing network segmentation to limit access to MySQL services, and monitoring for suspicious network activity that might indicate exploitation attempts. Additionally, administrators should consider disabling unnecessary network protocols, implementing robust access controls, and establishing automated monitoring systems to detect and respond to potential exploitation attempts. The vulnerability's presence in both 8.0 and 8.2 release lines indicates that organizations across multiple MySQL versions require immediate attention to prevent exploitation and maintain database service availability.