CVE-2025-30714Improper Access Control in Corporation Mysql Connectors

CWE-284Improper Access Control6 documents6 sources
Severity
4.8MEDIUMNVD
EPSS
0.2%
top 54.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Corporation Mysql ConnectorsOracle Mysql Connectors
Timeline
PublishedApr 15

Description

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Conn

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:NExploitability: 1.2 | Impact: 3.6

Affected Packages2 packages

NVDoracle/mysql_connectors9.0.09.2.0
CVEListV5oracle_corporation/mysql_connectors9.0.09.2.0

Patches

Patch: www.oracle.com

🔴Vulnerability Details

3
CVEList
CVE-2025-30714: Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python)2025-04-15
GHSA
GHSA-mh6h-m5cw-m257: Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python)2025-04-15
OSV
CVE-2025-30714: Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python)2025-04-15

📋Vendor Advisories

2
Oracle
Oracle Oracle MySQL Risk Matrix: Connector/Python — CVE-2025-307142025-04-15
Debian
CVE-2025-30714: mysql-connector-python - Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connec...2025
CVE-2025-30714 — Improper Access Control | cvebase