V
Scaner-VS
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
CVE-2025-53062
CVE
Medium

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0…

CVSS
4.9
Medium
EPSS
0.01
p40
Published
2025-01-01
Updated
2025-01-01
Description

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Tags · CWE
CWE-400
CAPEC-147
CAPEC-227
CAPEC-492
Affected products
Mysql_server 8.0.0–8.0.43Mysql_server 8.4.0–8.4.6Mysql_server 9.0.0–9.4.0
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Timeline
2025-01-01
Published
2025-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: L
Low (L)
Privileges Required
PR: H
High (H)
User Interaction
UI: N
None (N)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: N
None (N)
Integrity Impact
I: N
None (N)
Availability Impact
A: H
High (H)
Exploit indicators
EPSS
0.005 · p40
Known exploited (KEV)
No
MITRE ATT&CK
Inferred via CAPEC
└ via CAPEC-227 · CWE-400
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected products
ProductVendorStatus
Tracked
mariadbTracked
mariadbTracked
mariadbTracked
mariadb-10.6Tracked
mysql-8.0Tracked
mysql-8.0Tracked
mysql-8.0Tracked
mysql-8.4Tracked
mysql-8.4Tracked
mysql_server*Tracked
MySQL-clientTracked
MySQL-serverTracked
MySQL-server-perlTracked
libmysqlclient21Tracked
libmysqlclient21-develTracked