Vulnerability in Oracle MySQL Connectors: Connector/Python Exposed
CVE-2025-21548

6.4MEDIUM

Key Information:

Vendor: Oracle
Status: Mysql Connectors
Vendor: CVE Published:; 21 January 2025

What is CVE-2025-21548?

This vulnerability in Oracle MySQL Connectors (specifically, Connector/Python) poses significant risks for users of version 9.1.0 and earlier. A high-privileged attacker with network access can exploit the vulnerability through various protocols, necessitating human interaction from a victim other than the attacker. Successful exploitation may allow unauthorized creation, deletion, or modification of critical data, as well as unauthorized read access to sensitive information. Additionally, this vulnerability could result in a denial-of-service condition, leading to system hangs or crashes of the MySQL Connectors.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

MySQL Connectors * <= 9.1.0

References

https://www.oracle.com/security-alerts/cpujan2025.html

vendor-advisory

CVSS V3.1

Score:

6.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 21, 2025
Vulnerability Reserved
Dec 24, 2024

JSON

Oracle