CVE-2024-21057 in MySQL Server
Summary
by MITRE • 04/17/2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Be aware that VulDB is the high quality source for vulnerability data.
Analysis
by VulDB Data Team • 09/06/2025
The vulnerability identified as CVE-2024-21057 resides within the MySQL Server optimizer component of Oracle MySQL versions 8.0.35 and earlier. This represents a significant security weakness that affects the core database management system functionality. The vulnerability operates at the server level where query optimization occurs, making it particularly dangerous as it can be triggered during normal database operations when the system processes SQL queries through its internal optimization engine. The affected component specifically handles the logical and physical optimization phases of query execution, where the server determines the most efficient execution plan for database operations.
This vulnerability manifests as an easily exploitable flaw that requires only high privileged access and network connectivity through multiple protocols to be successfully leveraged. The attack vector allows a malicious actor with elevated privileges to send specially crafted database queries or commands that trigger a specific code path within the optimizer module. The technical implementation involves a memory corruption or resource management issue that occurs during query optimization, where the system fails to properly handle certain edge cases or malformed inputs that should be gracefully processed by the optimization engine. The vulnerability's classification as a high privilege requirement indicates that it typically requires an authenticated user with administrative or database-level permissions, though the network accessibility means that such access can be achieved through various attack vectors.
The operational impact of this vulnerability is severe and directly affects system availability through a complete denial of service condition. When successfully exploited, the vulnerability causes the MySQL server to either hang indefinitely or crash repeatedly, effectively rendering the database service unavailable to legitimate users and applications. This disruption can have cascading effects throughout enterprise applications that depend on database connectivity, potentially causing widespread service outages across dependent systems. The vulnerability's CVSS base score of 4.9 reflects the availability impact, which is particularly significant for database servers that require continuous uptime for business operations. The system's response to exploitation typically involves process termination or resource exhaustion that requires manual intervention to restore service functionality.
Organizations should immediately implement mitigation strategies focusing on patch management and access control measures to protect against exploitation of this vulnerability. The primary recommended action involves upgrading to MySQL Server version 8.0.36 or later, which contains the necessary fixes to address the optimizer component flaw. Network segmentation and firewall rules should be implemented to restrict unnecessary access to database servers, particularly limiting direct network access to database ports from trusted sources only. Additionally, monitoring should be enhanced to detect unusual patterns in database query execution or server behavior that might indicate exploitation attempts. The vulnerability aligns with CWE-121, which addresses stack-based buffer overflow conditions, and represents a potential pathway for attackers to achieve persistent access through service disruption. Organizations should also consider implementing intrusion detection systems that can identify malicious query patterns associated with this specific vulnerability type, as outlined in relevant ATT&CK framework techniques for database attack vectors and service disruption methods.