Sign-up

ID

VAR-202507-1637


CVE

CVE-2025-53032


TITLE

Oracle MySQL  of  MySQL Server  In  Server: Optimizer  Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2025-010231

DESCRIPTION

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 9.0.0-9.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). An attacker could exploit this vulnerability to cause a denial of service

Trust: 2.16

sources: NVD: CVE-2025-53032 // JVNDB: JVNDB-2025-010231 // CNVD: CNVD-2025-17183

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-17183

AFFECTED PRODUCTS

vendor:oraclemodel:mysql serverscope:eqversion:9.0.0

Trust: 1.0

vendor:oraclemodel:mysql serverscope:eqversion:9.1.0

Trust: 1.0

vendor:オラクルmodel:mysqlscope:eqversion: -

Trust: 0.8

vendor:オラクルmodel:mysqlscope:eqversion:9.0.0 to 9.1.0

Trust: 0.8

vendor:oraclemodel:mysql serverscope:gteversion:9.0.0,<=9.1.0

Trust: 0.6

sources: CNVD: CNVD-2025-17183 // JVNDB: JVNDB-2025-010231 // NVD: CVE-2025-53032

CVSS

SEVERITY

CVSSV2

CVSSV3

secalert_us@oracle.com: CVE-2025-53032
value: MEDIUM

Trust: 1.0

OTHER: JVNDB-2025-010231
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2025-17183
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2025-17183
severity: MEDIUM
baseScore: 6.1
vectorString: AV:N/AC:L/AU:M/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: MULTIPLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.4
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

secalert_us@oracle.com: CVE-2025-53032
baseSeverity: MEDIUM
baseScore: 4.9
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 3.6
version: 3.1

Trust: 1.0

OTHER: JVNDB-2025-010231
baseSeverity: MEDIUM
baseScore: 4.9
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-17183 // JVNDB: JVNDB-2025-010231 // NVD: CVE-2025-53032

PROBLEMTYPE DATA

problemtype:CWE-770

Trust: 1.0

problemtype:Allocation of resources without limits or throttling (CWE-770) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2025-010231 // NVD: CVE-2025-53032

PATCH

title:Oracle Critical Patch Update Advisory - July 2025 Oracle Critical Patch Updateurl:https://www.oracle.com/security-alerts/cpujul2025.html

Trust: 0.8

title:Patch for Oracle MySQL Server has an unspecified vulnerability (CNVD-2025-17183)url:https://www.cnvd.org.cn/patchInfo/show/713481

Trust: 0.6

sources: CNVD: CNVD-2025-17183 // JVNDB: JVNDB-2025-010231

EXTERNAL IDS

db:NVDid:CVE-2025-53032

Trust: 3.2

db:JVNDBid:JVNDB-2025-010231

Trust: 0.8

db:CNVDid:CNVD-2025-17183

Trust: 0.6

sources: CNVD: CNVD-2025-17183 // JVNDB: JVNDB-2025-010231 // NVD: CVE-2025-53032

REFERENCES

url:https://www.oracle.com/security-alerts/cpujul2025.html

Trust: 1.6

url:https://nvd.nist.gov/vuln/detail/cve-2025-53032

Trust: 0.8

sources: CNVD: CNVD-2025-17183 // JVNDB: JVNDB-2025-010231 // NVD: CVE-2025-53032

SOURCES

db:CNVDid:CNVD-2025-17183
db:JVNDBid:JVNDB-2025-010231
db:NVDid:CVE-2025-53032

LAST UPDATE DATE

2025-08-02T23:11:53.986000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-17183date:2025-07-30T00:00:00
db:JVNDBid:JVNDB-2025-010231date:2025-07-30T07:09:00
db:NVDid:CVE-2025-53032date:2025-07-24T20:35:43.353

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-17183date:2025-07-30T00:00:00
db:JVNDBid:JVNDB-2025-010231date:2025-07-30T00:00:00
db:NVDid:CVE-2025-53032date:2025-07-15T20:15:49.433