How severe is CVE-2024-20964?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2024-20964?

This is classified as CWE-400, which is a common weakness in software security.

CVE-2024-20964

MEDIUM Year: 2024

CVSS v3 Score

5.3

Medium

Weakness Type

CWE-400

View all →

Vulnerability Description

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).

CVE-2016-0747

MEDIUM

CVSS:5.3(Medium)

The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) vi...

CWE-4002016

CVE-2016-8367

MEDIUM

CVSS:5.3(Medium)

An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all version...

CWE-4002016

CVE-2017-1000359

MEDIUM

CVSS:5.3(Medium)

Java out of memory error and significant increase in resource consumption. Component: OpenDaylight odl-mdsal-xsql is vulnerable to this flaw. Version: The tested versions are OpenDaylight 3.3 and 4.0.

CWE-4002017

CVE-2017-10621

MEDIUM

CVSS:5.3(Medium)

A denial of service vulnerability in telnetd service on Juniper Networks Junos OS allows remote unauthenticated attackers to cause a denial of service. Affected Junos OS releases are: 12.1X46 prior to...

CWE-4002017

CVE-2017-12093

MEDIUM

CVSS:5.3(Medium)

An exploitable insufficient resource pool vulnerability exists in the session communication functionality of Allen Bradley Micrologix 1400 Series B Firmware 21.2 and before. A specially crafted stream...

CWE-4002017

CVE-2017-15345

MEDIUM

CVSS:5.3(Medium)

Huawei Smartphones with software LON-L29DC721B186 have a denial of service vulnerability. An attacker could make an loop exit condition that cannot be reached by sending the crafted 3GPP message. Succ...

CWE-4002017

CVE-2024-20964

Vulnerability Description

Related Vulnerabilities

CVE-2016-0747

CVE-2016-8367

CVE-2017-1000359

CVE-2017-10621

CVE-2017-12093

CVE-2017-15345