CVE-2024-21060 in MySQL Server
Summary
by MITRE • 04/17/2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Data Dictionary). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Analysis
by VulDB Data Team • 09/06/2025
The vulnerability identified as CVE-2024-21060 resides within the MySQL Server's Data Dictionary component, representing a critical availability risk that affects specific version ranges including 8.0.36 and earlier releases as well as 8.3.0 and prior versions. This flaw operates at the server level within the data dictionary subsystem, which serves as the core metadata repository for MySQL database structures and definitions. The vulnerability's classification as easily exploitable indicates that attackers with high privileges and network access can leverage this weakness to disrupt database operations significantly. The attack vector permits exploitation through multiple network protocols, making the vulnerability particularly dangerous in environments where MySQL servers are accessible over networks. According to the CVSS 3.1 scoring system, this vulnerability carries a base score of 4.9, with the availability impact rated as high, reflecting the potential for complete denial of service conditions that can render MySQL servers completely inoperable.
The technical nature of this vulnerability stems from improper handling of data dictionary operations that can lead to server crashes or indefinite hangs when specific conditions are met. Attackers with high-privilege accounts can manipulate data dictionary entries in ways that cause the MySQL server process to become unresponsive or terminate abruptly. This behavior typically occurs during database operations that involve metadata manipulation or when the server attempts to process corrupted or malformed dictionary entries. The vulnerability's impact extends beyond simple service interruption as it can cause repeated crashes that require manual intervention to restore normal server operations. The data dictionary component is fundamental to MySQL's operation, managing schema information, table definitions, and metadata structures that are essential for database functionality. When this component becomes compromised, it affects the entire database server's ability to process queries and maintain consistent state.
The operational impact of CVE-2024-21060 manifests as complete denial of service conditions that can severely disrupt database operations and business continuity. Organizations relying on MySQL databases may experience extended downtime periods during which applications cannot access critical data, potentially leading to significant financial losses and operational disruptions. The vulnerability's potential for causing frequently repeatable crashes means that even brief exploitation attempts can result in persistent service degradation that may require complete server restarts and recovery procedures. This type of vulnerability particularly affects environments where database availability is paramount, such as financial services, e-commerce platforms, and mission-critical applications that depend on continuous database access. The high privilege requirement for exploitation suggests that the vulnerability is more likely to be targeted by insider threats or compromised accounts rather than external attackers, though the network accessibility still makes it a significant concern for organizations with exposed MySQL instances.
Mitigation strategies for CVE-2024-21060 should prioritize immediate patching of affected MySQL versions to the latest available releases that contain the necessary security fixes. Organizations should implement comprehensive monitoring of MySQL server processes to detect unusual behavior patterns that might indicate exploitation attempts. Access controls and privilege management should be strictly enforced, with regular audits of high-privilege accounts to ensure that only authorized personnel have access to database management functions. Network segmentation and firewall rules should be implemented to limit access to MySQL servers to only necessary systems and users. The vulnerability's classification under CWE 119 (Improper Access to Reserved Memory) and its alignment with ATT&CK technique T1499.004 (Endpoint Denial of Service) highlights the need for both defensive measures and incident response planning. Additionally, organizations should consider implementing automated backup and recovery procedures that can quickly restore database services in case of successful exploitation, while maintaining detailed logging of database operations to aid in forensic analysis and threat hunting activities.