CVE-2024-20960
Public on 2024-01-18
Modified on 2024-03-05
Description
A flaw was found in MySQL Server RAPID. This vulnerability allows a malicious user with low privileges and network access to compromise the MySQL Server. A successful attack can result in the unauthorized ability to cause a hang, or a frequently repeatable crash, a complete denial of service DOS), of MySQL Server.
Severity
Medium
CVSS v3 Base Score
See breakdown
Affected Packages
| Platform | Package | Release Date | Advisory | Status |
|---|---|---|---|---|
| Amazon Linux 2 - Core | mariadb | Pending Fix | ||
| Amazon Linux 2 - Mariadb10.5 Extra | mariadb | Pending Fix | ||
| Amazon Linux 2023 | mariadb105 | Pending Fix | ||
| Amazon Linux 1 | mysql | No Fix Planned | ||
| Amazon Linux 1 | mysql51 | No Fix Planned | ||
| Amazon Linux 1 | mysql55 | No Fix Planned | ||
| Amazon Linux 1 | mysql56 | No Fix Planned | ||
| Amazon Linux 1 | mysql57 | No Fix Planned |
CVSS Scores
| Score Type | Score | Vector | |
|---|---|---|---|
| Amazon Linux | CVSSv3 | 6.5 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| NVD | CVSSv3 | 6.5 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |