CVE-2024-20971 in MySQL Serverinfo

Summary

by MITRE • 01/17/2024

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Analysis

by VulDB Data Team • 06/04/2025

The vulnerability identified as CVE-2024-20971 resides within the MySQL Server optimizer component of Oracle MySQL database systems. This flaw affects specific version ranges including all releases up to and including 8.0.35 and 8.2.0, representing a significant portion of the MySQL 8.0 and 8.2 release lines. The vulnerability operates within the server optimization layer where query execution plans are processed and optimized, making it particularly dangerous as it can impact fundamental database operations. The security implications are exacerbated by the fact that this vulnerability requires only high privileged access, meaning that an attacker with legitimate administrative credentials or elevated privileges can exploit this weakness.

The technical nature of this vulnerability involves a flaw in how the MySQL Server optimizer handles certain query execution paths, leading to potential denial of service conditions. When exploited, the vulnerability allows an attacker to cause the MySQL Server to hang or crash repeatedly, resulting in complete service disruption. The exploitability characteristics indicate that network-based attacks can be executed through multiple protocols, suggesting that the vulnerability is not limited to a specific communication channel but can be leveraged across various network interfaces. The CVSS score of 4.9 reflects the availability impact severity, with the vector showing network access requirements, low attack complexity, high privileges needed, and no user interaction required, while maintaining an unscoped impact on confidentiality and integrity.

The operational impact of this vulnerability extends beyond simple service disruption, potentially causing cascading failures in database-dependent applications and systems. Organizations relying on MySQL for critical database operations face significant risk of service interruptions that could affect business continuity and data availability. The vulnerability's ability to cause complete denial of service through repeated crashes means that even brief exploitation periods could result in substantial downtime and recovery efforts. This type of vulnerability aligns with CWE-121 which addresses buffer overflow conditions and CWE-122 which covers buffer overflow vulnerabilities, though the specific nature appears to be related to memory management within the query optimizer. The attack pattern corresponds to techniques described in the MITRE ATT&CK framework under the T1499 category for network denial of service, specifically targeting database services and infrastructure.

Organizations should prioritize immediate patching of affected MySQL Server installations, particularly those running versions 8.0.35 or earlier and 8.2.0 or earlier. The recommended mitigation strategy involves upgrading to the latest supported MySQL versions where this vulnerability has been addressed through code modifications in the optimizer component. System administrators should implement network segmentation and access controls to limit exposure of MySQL services to only trusted networks and users with legitimate administrative privileges. Monitoring should be enhanced to detect unusual patterns of server crashes or connection terminations that might indicate exploitation attempts. Additionally, implementing database activity monitoring solutions can help identify anomalous query execution patterns that might precede or accompany exploitation of this vulnerability, providing early warning capabilities for potential attacks.

Responsible

Oracle

Reservation

12/07/2023

Disclosure

01/17/2024

Moderation

accepted

CPE

ready

EPSS

0.01038

KEV

no

Activities

very low

Sources

Do you need the next level of professionalism?

Upgrade your account now!