Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for mysql_client by oracle

    CVE-2025-30722 (GCVE-0-2025-30722)

    Vulnerability from nvd – Published: 2025-04-15 20:31 – Updated: 2025-11-03 19:47
    VLAI
    Summary
    Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Client accessible data as well as unauthorized update, insert or delete access to some of MySQL Client accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N).
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Cluster accessible data.
    • CWE-noinfo Not enough information
    Assigner
    Impacted products
    Vendor Product Version
    Oracle Corporation MySQL Cluster Affected: 7.6.0 , ≤ 7.6.33 (semver)
    Affected: 8.0.0 , ≤ 8.0.41 (semver)
    Affected: 8.4.0 , ≤ 8.4.4 (semver)
    Affected: 9.0.0 , ≤ 9.2.0 (semver)
    Create a notification for this product.
    Oracle Corporation MySQL Client Affected: 8.0.0 , ≤ 8.0.41 (semver)
    Affected: 8.4.0 , ≤ 8.4.4 (semver)
    Affected: 9.0.0 , ≤ 9.2.0 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-30722",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-17T13:37:19.238602Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-17T13:57:07.904Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T19:47:53.232Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://security.netapp.com/advisory/ntap-20250418-0005/"
              },
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00005.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySQL Cluster",
              "vendor": "Oracle Corporation",
              "versions": [
                {
                  "lessThanOrEqual": "7.6.33",
                  "status": "affected",
                  "version": "7.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.0.41",
                  "status": "affected",
                  "version": "8.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.4",
                  "status": "affected",
                  "version": "8.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "9.2.0",
                  "status": "affected",
                  "version": "9.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "product": "MySQL Client",
              "vendor": "Oracle Corporation",
              "versions": [
                {
                  "lessThanOrEqual": "8.0.41",
                  "status": "affected",
                  "version": "8.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.4",
                  "status": "affected",
                  "version": "8.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "9.2.0",
                  "status": "affected",
                  "version": "9.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "7.6.33",
                      "versionStartIncluding": "7.6.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "8.0.41",
                      "versionStartIncluding": "8.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "8.4.4",
                      "versionStartIncluding": "8.4.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.2.0",
                      "versionStartIncluding": "9.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:oracle:mysql_client:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "8.0.41",
                      "versionStartIncluding": "8.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:oracle:mysql_client:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "8.4.4",
                      "versionStartIncluding": "8.4.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:oracle:mysql_client:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.2.0",
                      "versionStartIncluding": "9.0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump).  Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and  9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all MySQL Client accessible data as well as  unauthorized update, insert or delete access to some of MySQL Client accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N)."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Cluster.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all MySQL Cluster accessible data.",
                  "lang": "en-US"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-15T20:31:15.014Z",
            "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
            "shortName": "oracle"
          },
          "references": [
            {
              "name": "Oracle Advisory",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuapr2025.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "assignerShortName": "oracle",
        "cveId": "CVE-2025-30722",
        "datePublished": "2025-04-15T20:31:15.014Z",
        "dateReserved": "2025-03-25T20:11:18.271Z",
        "dateUpdated": "2025-11-03T19:47:53.232Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-30722 (GCVE-0-2025-30722)

    Vulnerability from cvelistv5 – Published: 2025-04-15 20:31 – Updated: 2025-11-03 19:47
    VLAI
    Summary
    Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Client accessible data as well as unauthorized update, insert or delete access to some of MySQL Client accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N).
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Cluster accessible data.
    • CWE-noinfo Not enough information
    Assigner
    Impacted products
    Vendor Product Version
    Oracle Corporation MySQL Cluster Affected: 7.6.0 , ≤ 7.6.33 (semver)
    Affected: 8.0.0 , ≤ 8.0.41 (semver)
    Affected: 8.4.0 , ≤ 8.4.4 (semver)
    Affected: 9.0.0 , ≤ 9.2.0 (semver)
    Create a notification for this product.
    Oracle Corporation MySQL Client Affected: 8.0.0 , ≤ 8.0.41 (semver)
    Affected: 8.4.0 , ≤ 8.4.4 (semver)
    Affected: 9.0.0 , ≤ 9.2.0 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-30722",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-17T13:37:19.238602Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-17T13:57:07.904Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T19:47:53.232Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://security.netapp.com/advisory/ntap-20250418-0005/"
              },
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00005.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySQL Cluster",
              "vendor": "Oracle Corporation",
              "versions": [
                {
                  "lessThanOrEqual": "7.6.33",
                  "status": "affected",
                  "version": "7.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.0.41",
                  "status": "affected",
                  "version": "8.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.4",
                  "status": "affected",
                  "version": "8.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "9.2.0",
                  "status": "affected",
                  "version": "9.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "product": "MySQL Client",
              "vendor": "Oracle Corporation",
              "versions": [
                {
                  "lessThanOrEqual": "8.0.41",
                  "status": "affected",
                  "version": "8.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.4",
                  "status": "affected",
                  "version": "8.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "9.2.0",
                  "status": "affected",
                  "version": "9.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "7.6.33",
                      "versionStartIncluding": "7.6.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "8.0.41",
                      "versionStartIncluding": "8.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "8.4.4",
                      "versionStartIncluding": "8.4.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.2.0",
                      "versionStartIncluding": "9.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:oracle:mysql_client:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "8.0.41",
                      "versionStartIncluding": "8.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:oracle:mysql_client:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "8.4.4",
                      "versionStartIncluding": "8.4.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:oracle:mysql_client:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.2.0",
                      "versionStartIncluding": "9.0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump).  Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and  9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all MySQL Client accessible data as well as  unauthorized update, insert or delete access to some of MySQL Client accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N)."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Cluster.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all MySQL Cluster accessible data.",
                  "lang": "en-US"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-15T20:31:15.014Z",
            "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
            "shortName": "oracle"
          },
          "references": [
            {
              "name": "Oracle Advisory",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuapr2025.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "assignerShortName": "oracle",
        "cveId": "CVE-2025-30722",
        "datePublished": "2025-04-15T20:31:15.014Z",
        "dateReserved": "2025-03-25T20:11:18.271Z",
        "dateUpdated": "2025-11-03T19:47:53.232Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }