How severe is CVE-2024-21166?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.9 out of 10.

What type of vulnerability is CVE-2024-21166?

This is classified as CWE-285, which is a common weakness in software security.

CVE-2024-21166 - MEDIUM Severity | CVSS 5.9

Vulnerability Description

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.9 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H).

Related Vulnerabilities

CVE-2019-18827

MEDIUM

CVSS:5.9(Medium)

On Barco ClickShare Button R9861500D01 devices (before firmware version 1.9.0) JTAG access is disabled after ROM code execution. This means that JTAG access is possible when the system is running code...

CWE-2852019

CVE-2020-3150

MEDIUM

CVSS:5.9(Medium)

A vulnerability in the web-based management interface of Cisco Small Business RV110W and RV215W Series Routers could allow an unauthenticated, remote attacker to download sensitive information from th...

CWE-2852020

CVE-2024-12483

MEDIUM

CVSS:5.9(Medium)

A vulnerability classified as problematic has been found in Dromara UJCMS up to 9.6.3. This affects an unknown part of the file /users/id of the component User ID Handler. The manipulation leads to au...

CWE-2852024

CVE-2025-29778

MEDIUM

CVSS:5.8(Medium)

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to version 1.14.0-alpha.1, Kyverno ignores subjectRegExp and IssuerRegExp while verifying artifact's sign with ke...

CWE-2852025

CVE-2022-22268

MEDIUM

CVSS:6.1(Medium)

Incorrect implementation of Knox Guard prior to SMR Jan-2022 Release 1 allows physically proximate attackers to temporary unlock the Knox Guard via Samsung DeX mode.

CWE-2852022

CVE-2023-41819

MEDIUM

CVSS:6.1(Medium)

A PendingIntent hijacking vulnerability was reported in the Motorola Face Unlock application that could allow a local attacker to access unauthorized content providers.

CWE-2852023