Oracle MySQL Server Privileges Vulnerability Allowing Unauthorized Data Access

Vulnerability

A vulnerability exists in Oracle MySQL Server versions 8.0.40 and prior, 8.4.3 and prior, and 9.1.0 and prior. It allows a low-privileged attacker with network access to compromise the MySQL Server. Exploitation could lead to unauthorized read access, as well as unauthorized update, insert, or delete access to some data accessible by the MySQL Server.

Impact

Successful exploitation allows unauthorized access and modification of MySQL Server data.

Remediation

Users can apply the January 2025 Critical Patch Update, which includes a patch for this vulnerability. Instructions for applying the patch can be found in the MySQL Critical Patch Update January 2025 Patch Availability Document on My Oracle Support.
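
To decide which servers need the update, the affected ranges listed above can be checked against an inventory of reported server versions. The following is an added example, not Oracle's tooling or part of the original advisory; the function names and the sample inventory are hypothetical, and it assumes "and prior" is bounded to the same release series (8.0.x, 8.4.x, 9.x).

```python
import re

# Highest affected version per release series, from the advisory text:
# "8.0.40 and prior, 8.4.3 and prior, and 9.1.0 and prior".
# Assumption: "and prior" is bounded to the same series (8.0.x, 8.4.x, 9.x).
AFFECTED_CEILING = {"8.0": (8, 0, 40), "8.4": (8, 4, 3), "9.x": (9, 1, 0)}
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)")


def parse_version(raw):
    """Extract (major, minor, patch) from SELECT VERSION() style output,
    ignoring suffixes such as '-0ubuntu0.22.04.1' or '-log'."""
    m = _VERSION_RE.match(raw)
    if not m:
        raise ValueError(f"unrecognised version string: {raw!r}")
    return tuple(int(p) for p in m.groups())


def classify(raw):
    """Return 'affected', 'above-listed-range' or 'not-listed'."""
    version = parse_version(raw)
    series = "9.x" if version[0] == 9 else f"{version[0]}.{version[1]}"
    ceiling = AFFECTED_CEILING.get(series)
    if ceiling is None:
        return "not-listed"  # series the advisory does not mention
    return "affected" if version <= ceiling else "above-listed-range"


def hosts_to_patch(inventory):
    """Take {host: version string}; return the sorted affected hosts."""
    return sorted(h for h, v in inventory.items() if classify(v) == "affected")


# Constructed sample inventory (hostnames and versions are illustrative).
SAMPLE_INVENTORY = {
    "db-01": "8.0.40-0ubuntu0.22.04.1",
    "db-02": "8.0.41",
    "db-03": "8.4.3",
    "db-04": "9.1.0",
    "db-05": "9.2.0",
    "db-06": "5.7.44-log",
}

if __name__ == "__main__":
    for host in hosts_to_patch(SAMPLE_INVENTORY):
        print(host, SAMPLE_INVENTORY[host], classify(SAMPLE_INVENTORY[host]))
```

A result of "not-listed" means only that the advisory text does not name that release series; it is not a statement that the version is unaffected.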

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 8.7
impact: 1.3
exploitability: 4.9
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.