SB20240417103 - Multiple vulnerabilities in MySQL Cluster

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB20240417103

SB20240417103 - Multiple vulnerabilities in MySQL Cluster

Published: April 17, 2024 Updated: December 6, 2024

Security Bulletin ID SB20240417103
Severity
High
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

High 25% Medium 25% Low 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Improper input validation (CVE-ID: CVE-2024-21101)

The vulnerability allows a remote privileged user to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Cluster: General component in MySQL Cluster. A remote privileged user can exploit this vulnerability to gain access to sensitive information.


2) Improper input validation (CVE-ID: CVE-2024-21102)

The vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Server: Thread Pooling component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.


3) Improper check for certificate revocation (CVE-ID: CVE-2024-0853)

The vulnerability allows a remote attacker to bypass OCSP verification.

The vulnerability exists due to curl inadvertently keeps the SSL session ID for connections in its cache even when the verify status (OCSP stapling) test has failed. A subsequent transfer to the same hostname will be successful if the session ID cache is still fresh, which leads to skipping the verify status check. As a result, OCSP verification is always successful for all subsequent TLS sessions.


4) Resource exhaustion (CVE-ID: CVE-2023-44487)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improperly control of consumption for internal resources when handling HTTP/2 requests with compressed HEADERS frames. A remote attacker can send a sequence of compressed HEADERS frames followed by RST_STREAM frames and perform a denial of service (DoS) attack, a.k.a. "Rapid Reset".

Note, the vulnerability is being actively exploited in the wild.


Remediation

Install update from vendor's website.

References