VDB
CVE-2025-21499
CVE-2025-21499
PUBLISHED
CVSS 9.300000190734863 CRITICAL
MySQL ist ein Open Source Datenbankserver von Oracle.
EPSS 0.10% · 27.2th percentile
Risk Scores
CVSS 4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.10%
27.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian | Debian Linux | |
| RESF | RESF Rocky Linux | |
| Oracle | Oracle MySQL <=9.0.1 | |
| MariaDB | MariaDB MariaDB <11.7.2 | |
| NetApp | NetApp ActiveIQ Unified Manager for Microsoft Windows | |
| MariaDB | MariaDB MariaDB <10.5.28 | |
| Oracle | Oracle MySQL <=8.0.39 | |
| Red Hat | Red Hat Enterprise Linux | |
| Oracle | Oracle MySQL <=8.4.2 | |
| SUSE | SUSE Linux | |
| Oracle | Oracle MySQL <=7.6.32 | |
| Oracle | Oracle MySQL <=8.4.3 | |
| Oracle | Oracle Linux | |
| Oracle | Oracle MySQL <=9.1.0 | |
| NetApp | NetApp ActiveIQ Unified Manager for VMware vSphere | |
| MariaDB | MariaDB MariaDB <10.11.11 | |
| MariaDB | MariaDB MariaDB <10.6.21 | |
| NetApp | NetApp ActiveIQ Unified Manager | |
| Ubuntu | Ubuntu Linux | |
| Oracle | Oracle MySQL 8.4.0 |
…and 2 more
Exploit Intelligence
- CIRCL seen: CVE-2025-21499 (circl-sighting)
- https://security.netapp.com/advisory/ntap-20250124-0013/ (circl)
- Oracle Advisory (circl)
Timeline
- Dec 24, 2024 CVE ID Reserved
- Jan 21, 2025 CVE Published
- Jan 21, 2025 PoC Published
- Jan 22, 2025 EPSS Score
- Feb 6, 2025 EPSS Score
- Feb 12, 2025 Coalition ESS Score
- Feb 22, 2025 EPSS Score
- Mar 1, 2025 Coalition ESS Score
- Mar 9, 2025 EPSS Score
- Mar 13, 2025 Coalition ESS Score
- Mar 24, 2025 EPSS Score
- Apr 8, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0167.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0167 advisory
- https://www.oracle.com/security-alerts/cpujan2025.html#AppendixMSQL advisory
- https://security.netapp.com/advisory/ntap-20250124-0011/ advisory
- https://ubuntu.com/security/notices/USN-7245-1 advisory
- https://mariadb.com/kb/en/mdb-101111-rn/ advisory
- https://mariadb.com/kb/en/mdb-10-5-28-rn/ advisory
- https://mariadb.com/kb/en/mdb-10621-rn/ advisory
- https://mariadb.com/kb/en/mariadb-11-7-2-release-notes/ advisory
- https://access.redhat.com/errata/RHSA-2025:1671 advisory
- https://access.redhat.com/errata/RHSA-2025:1673 advisory
- https://linux.oracle.com/errata/ELSA-2025-1673.html advisory
- https://linux.oracle.com/errata/ELSA-2025-1671.html advisory
- https://access.redhat.com/errata/RHSA-2025:1755 advisory
- https://access.redhat.com/errata/RHSA-2025:1756 advisory
- https://access.redhat.com/errata/RHSA-2025:1757 advisory
- https://access.redhat.com/errata/RHSA-2025:1766 advisory
- https://access.redhat.com/errata/RHSA-2025:1767 advisory
- https://errata.build.resf.org/RLSA-2025:1673 advisory
- https://lists.debian.org/debian-lts-announce/2025/03/msg00000.html advisory
…and 23 more