How severe is CVE-2024-21209?

This vulnerability has a severity rating of LOW with a CVSS score of 2 out of 10.

What type of vulnerability is CVE-2024-21209?

This is classified as CWE-200, which is a common weakness in software security.

CVE-2024-21209 - LOW Severity | CVSS 2

Vulnerability Description

Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Client accessible data. CVSS 3.1 Base Score 2.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N).

Related Vulnerabilities

CVE-2015-7511

LOW

CVSS:2.0(Low)

Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring elect...

CWE-2002015

CVE-2021-39020

LOW

CVSS:2.0(Low)

IBM Guardium Data Encryption (GDE) 4.0.0.7 and lower stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server ...

CWE-2002021

CVE-2016-3002

LOW

CVSS:2.1(Low)

IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows physically proximate attackers to obtain sensitive information by reading cached data on a client device.

CWE-2002016

CVE-2016-8305

LOW

CVSS:2.1(Low)

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2...

CWE-2002016

CVE-2021-40086

LOW

CVSS:2.2(Low)

An issue was discovered in PrimeKey EJBCA before 7.6.0. As part of the configuration of the aliases for SCEP, CMP, EST, and Auto-enrollment, the enrollment secret was reflected on a page (that can onl...

CWE-2002021

CVE-2022-44746

LOW

CVSS:2.2(Low)

Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107.

CWE-2002022