Login Sign Up

CVE-2024-21193

4.9 MEDIUM
Denial of Service

📋 TL;DR

This vulnerability allows high-privileged attackers with network access to cause a denial of service (DoS) by crashing or hanging MySQL Server. It affects MySQL Server versions 8.0.39 and prior, 8.4.2 and prior, and 9.0.1 and prior. The attack requires high privileges but is easily exploitable via multiple protocols.

💻 Affected Systems

Products:
  • Oracle MySQL Server
Versions: 8.0.39 and prior, 8.4.2 and prior, 9.0.1 and prior
Operating Systems: All operating systems running affected MySQL versions
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the Prepared Statements (PS) component. Requires attacker to have high privileges (PR:H).

📦 What is this software?

Mysql by Oracle

View all CVEs affecting Mysql →

Mysql by Oracle

View all CVEs affecting Mysql →

Mysql by Oracle

View all CVEs affecting Mysql →

Mysql by Oracle

View all CVEs affecting Mysql →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete unavailability of MySQL Server leading to application downtime and service disruption.

🟠

Likely Case

Targeted DoS attacks against vulnerable MySQL instances by malicious insiders or compromised high-privilege accounts.

🟢

If Mitigated

Limited impact due to proper access controls and network segmentation preventing unauthorized high-privilege access.

🌐 Internet-Facing: MEDIUM - While exploitable via network, it requires high privileges which are typically not exposed to internet-facing interfaces.
🏢 Internal Only: HIGH - Internal attackers with high privileges or compromised accounts can easily exploit this to cause service disruption.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

CVSS indicates 'easily exploitable' but requires high privileges. No public exploit details available as of advisory date.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 8.0.40, 8.4.3, 9.0.2 or later

Vendor Advisory: https://www.oracle.com/security-alerts/cpuoct2024.html

Restart Required: Yes

Instructions:

1. Download appropriate patch from Oracle. 2. Backup databases. 3. Stop MySQL service. 4. Apply patch. 5. Restart MySQL service. 6. Verify version and functionality.

🔧 Temporary Workarounds

Restrict Network Access

all

Limit network access to MySQL Server to only trusted hosts and applications

# Configure MySQL bind-address to specific IPs
# Use firewall rules to restrict MySQL port (default 3306) access

Principle of Least Privilege

all

Minimize high-privilege accounts and implement strict access controls

# Review and reduce users with SUPER, PROCESS, or similar high privileges
# Implement role-based access control

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate MySQL servers from untrusted networks
  • Enforce strong authentication and limit high-privilege accounts to essential personnel only

🔍 How to Verify

Check if Vulnerable:

Check MySQL version: SELECT VERSION(); If version is 8.0.39 or earlier, 8.4.2 or earlier, or 9.0.1 or earlier, system is vulnerable.

Check Version:

mysql -u [user] -p -e 'SELECT VERSION();'

Verify Fix Applied:

After patching, run SELECT VERSION(); and confirm version is 8.0.40+, 8.4.3+, or 9.0.2+.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected MySQL crashes or hangs
  • Multiple connection attempts from high-privilege accounts
  • Error logs showing prepared statement failures

Network Indicators:

  • Unusual traffic patterns to MySQL port from internal sources
  • Multiple protocol connections from single high-privilege source

SIEM Query:

source="mysql.log" ("crash" OR "hang" OR "shutdown") AND ("prepared statement" OR "PS")

📊 Metadata

CVE ID: CVE-2024-21193
CVSS v3 Score: 4.9 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Published: October 15, 2024
Last Updated: November 3, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON