CVE-2024-21056 in MySQL Serverinfo

Summary

by MITRE • 04/17/2024

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Analysis

by VulDB Data Team • 09/06/2025

The vulnerability identified as CVE-2024-21056 represents a significant availability threat within Oracle MySQL Server version 8.0.34 and earlier releases. This weakness resides within the Server: DML component, which governs data manipulation language operations that form the core of database interaction processes. The vulnerability's classification as easily exploitable indicates that attackers with high privileges and network access can leverage this flaw to disrupt database services, potentially leading to complete system unavailability. The CVSS 3.1 score of 4.9 reflects the moderate severity of the availability impact, with the vector AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H indicating network-based exploitation requiring only low complexity but demanding high privileges from an unauthenticated attacker.

The technical nature of this vulnerability stems from improper handling of certain data manipulation operations within the MySQL server's DML processing engine. When specific DML statements are executed against the vulnerable server, the system experiences abnormal termination patterns that result in either complete hangs or repeated crashes. This behavior manifests as a denial of service condition where legitimate database operations cannot proceed due to the server's instability. The flaw likely involves memory management issues or improper input validation during DML processing that causes the server process to become unresponsive or terminate unexpectedly. Such behavior creates a cascading effect where database connections fail, application queries timeout, and the overall database service becomes unavailable to authorized users.

The operational impact of CVE-2024-21056 extends beyond simple service interruption to potentially compromise business continuity and data availability. Organizations relying on MySQL databases for critical applications face the risk of extended downtime during exploitation attempts, which could result in significant financial losses and reputational damage. The vulnerability's requirement for high-privileged access suggests that internal threat actors or attackers who have already compromised administrative credentials pose the most significant risk. However, the network accessibility aspect means that attackers could potentially exploit this vulnerability from external networks if they have gained sufficient privileges within the database environment. The complete DOS capability renders traditional recovery mechanisms ineffective as the system enters a state where normal restart procedures may fail or require extended intervention.

Security practitioners should prioritize immediate patch management for MySQL Server versions 8.0.34 and earlier to address this vulnerability. The recommended mitigation strategy involves upgrading to MySQL Server version 8.0.35 or later, which contains the necessary code fixes to prevent the DML processing anomalies that trigger the denial of service conditions. Organizations should also implement network segmentation and access controls to limit exposure of MySQL servers to untrusted networks while maintaining strict privilege controls to prevent unauthorized administrative access. Monitoring systems should be configured to detect unusual patterns of server crashes or connection terminations that may indicate exploitation attempts. This vulnerability aligns with CWE-119 which addresses memory safety issues and potentially relates to ATT&CK technique T1499.004 for network denial of service attacks. Additionally, organizations should conduct thorough vulnerability assessments to identify other potential DML-related weaknesses and ensure comprehensive database security posture maintenance.

Responsible

Oracle

Reservation

12/07/2023

Disclosure

04/17/2024

Moderation

accepted

CPE

ready

EPSS

0.00887

KEV

no

Activities

very low

Sources

Do you know our Splunk app?

Download it now for free!