V
Scaner-VS
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
CVE-2025-50104
CVE
Low

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.0-8.0.42, …

CVSS
2.7
Low
EPSS
0.00
p33
Published
2025-01-01
Updated
2025-01-01
Description

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L).

Tags · CWE
CWE-400
CAPEC-147
CAPEC-227
CAPEC-492
Affected products
Mysql 8.0.0–8.0.42Mysql 8.4.0–8.4.5Mysql 9.0.0–9.3.0
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
Timeline
2025-01-01
Published
2025-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: L
Low (L)
Privileges Required
PR: H
High (H)
User Interaction
UI: N
None (N)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: N
None (N)
Integrity Impact
I: N
None (N)
Availability Impact
A: L
Low (L)
Exploit indicators
EPSS
0.004 · p33
Known exploited (KEV)
No
MITRE ATT&CK
Inferred via CAPEC
└ via CAPEC-227 · CWE-400
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected products
ProductVendorStatus
Tracked
mariadbTracked
mariadbTracked
mariadbTracked
mariadb-10.6Tracked
mysql-8.0Tracked
mysql-8.0Tracked
mysql-8.0Tracked
mysql-8.4Tracked
mysql-8.4Tracked
mysql*Tracked
MySQL-clientTracked
MySQL-serverTracked
MySQL-server-perlTracked
libmysqlclient21Tracked
libmysqlclient21-develTracked