CVE-2025-30706

CWE-276Incorrect Default Permissions6 documents6 sources
Severity
7.5HIGH
EPSS
0.5%
top 32.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Corporation Mysql ConnectorsOracle Mysql Connectors
Timeline
PublishedApr 15

Description

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages2 packages

NVDoracle/mysql_connectors9.0.09.2.0
CVEListV5oracle_corporation/mysql_connectors9.0.09.2.0

Patches

Patch: www.oracle.com

🔴Vulnerability Details

3
OSV
CVE-2025-30706: Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J)2025-04-15
CVEList
CVE-2025-30706: Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J)2025-04-15
GHSA
GHSA-mxpq-3mg3-vqx7: Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J)2025-04-15

📋Vendor Advisories

2
Oracle
Oracle Oracle MySQL Risk Matrix: Connector/J — CVE-2025-307062025-04-15
Red Hat
mysql-connector-java: Connector/J unspecified vulnerability (CPU Apr 2025)2025-04-15
CVE-2025-30706 (HIGH CVSS 7.5) | Vulnerability in the MySQL Connecto | cvebase.io