6.5
CVE-2025-21574
- EPSS 0.05%
- Published 15.04.2025 20:30:49
- Last modified 17.04.2025 21:35:46
- Source secalert_us@oracle.com
- Teams watchlist Login
- Open Login
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Data is provided by the National Vulnerability Database (NVD)
Oracle ≫ Mysql Cluster Version >= 7.6.0 <= 7.6.33
Oracle ≫ Mysql Cluster Version >= 8.0.0 <= 8.0.41
Oracle ≫ Mysql Cluster Version >= 8.4.0 <= 8.4.4
Oracle ≫ Mysql Cluster Version >= 9.0.0 <= 9.2.0
Oracle ≫ Mysql Server Version >= 8.0.0 <= 8.0.41
Oracle ≫ Mysql Server Version >= 8.4.0 <= 8.4.4
Oracle ≫ Mysql Server Version >= 9.0.0 <= 9.2.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.05% | 0.155 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| secalert_us@oracle.com | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-400 Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.