MySQL Server Vulnerability in Oracle MySQL Product
CVE-2025-21567
4.3MEDIUM
Summary
A vulnerability exists in the MySQL Server component of Oracle MySQL, making versions 9.1.0 and prior susceptible to exploitation. An attacker with low privileges and network access can exploit this vulnerability through multiple protocols. Successful exploitation can lead to unauthorized read access to sensitive data within MySQL Server. Organizations using affected versions should apply security patches promptly to mitigate potential risks associated with this vulnerability.
Affected Version(s)
MySQL Server * <= 9.1.0
References
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved