MySQL Client Vulnerability in Oracle MySQL Affects Data Integrity
CVE-2025-30722

5.3MEDIUM

Key Information:

Vendor: Oracle
Status: Mysql Cluster; Mysql Client
Vendor: CVE Published:; 15 April 2025

Summary

A vulnerability in the MySQL Client component of Oracle MySQL allows low privileged attackers with network access to exploit certain functionalities through multiple protocols. This vulnerability could result in unauthorized access to sensitive data, or unauthorized changes, including updates, inserts, or deletions of the data accessible to MySQL Client users. Affected versions include 8.0.0 through 8.0.41, 8.4.0 through 8.4.4, and 9.0.0 through 9.2.0, emphasizing the need for immediate attention and patching to protect data integrity.

Affected Version(s)

MySQL Client 8.0.0 <= 8.0.41

MySQL Client 8.4.0 <= 8.4.4

MySQL Client 9.0.0 <= 9.2.0

References

https://www.oracle.com/security-alerts/cpuapr2025.html

vendor-advisory

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 15, 2025
Vulnerability Reserved
Mar 25, 2025