CVE-2025-30722

5.3 MEDIUM

📋 TL;DR

A vulnerability in Oracle MySQL's mysqldump client allows low-privileged attackers with network access to potentially access or modify sensitive data. The vulnerability affects MySQL Client versions 8.0.0-8.0.41, 8.4.0-8.4.4, and 9.0.0-9.2.0. Successful exploitation requires network access and is difficult to achieve.

💻 Affected Systems

Products:
  • Oracle MySQL Client
  • MySQL mysqldump utility
Versions: 8.0.0-8.0.41, 8.4.0-8.4.4, 9.0.0-9.2.0
Operating Systems: All platforms running affected MySQL versions
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the mysqldump component specifically; requires network access and low-privileged credentials.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete unauthorized access to all MySQL Client accessible data including sensitive information, plus unauthorized modification of some data.

🟠 Likely Case

Limited data exposure or modification due to the difficulty of exploitation and requirement for low-privileged network access.

🟢 If Mitigated

Minimal impact with proper network segmentation, least privilege access controls, and monitoring in place.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Requires low-privileged attacker with network access via multiple protocols; difficult to exploit according to CVSS.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after 8.0.41, 8.4.4, and 9.2.0

Vendor Advisory: https://www.oracle.com/security-alerts/cpuapr2025.html

Restart Required: No

Instructions:

1. Download the latest MySQL Client version from the Oracle website.
2. Install the update according to platform-specific instructions.
3. Verify the mysqldump version with 'mysqldump --version'.

🔧 Temporary Workarounds

Restrict network access (Operating Systems: all)

Limit network access to the mysqldump client to trusted hosts only.

Use firewall rules to restrict access to the MySQL port (default 3306) from authorized IPs only.

Implement least privilege (Operating Systems: all)

Ensure mysqldump runs with the minimal database privileges it needs, for example a dedicated dump account limited to one database:

GRANT SELECT, LOCK TABLES ON database.* TO 'mysqldump_user'@'host';

🧯 If You Can't Patch

  • Restrict mysqldump usage to trusted administrators only.
  • Monitor for unusual mysqldump activity from unexpected sources.

🔍 How to Verify

Check if Vulnerable:

Run 'mysqldump --version' and check if version falls within affected ranges.

Check Version:

mysqldump --version

Verify Fix Applied:

Confirm mysqldump version is above affected ranges: 8.0.42+, 8.4.5+, or 9.2.1+.
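The verification steps above compare the output of 'mysqldump --version' against the affected and fixed ranges by hand. The script below is an added example, not part of this advisory page or of Oracle's tooling: it parses the version line, classifies it as affected, fixed, or unlisted (a release the advisory does not cover, such as an 8.1-8.3 innovation build or 5.7), and optionally runs the local binary when one is installed. The sample output lines in it are constructed in the shape the MySQL 8.x/9.x client prints and were not captured from a real host.

```python
import re
import subprocess

# Affected ranges as listed in this advisory for CVE-2025-30722 (inclusive bounds).
AFFECTED_RANGES = [
    ((8, 0, 0), (8, 0, 41)),
    ((8, 4, 0), (8, 4, 4)),
    ((9, 0, 0), (9, 2, 0)),
]

# First fixed release per series, from the "Verify Fix Applied" step.
# The 8.0 and 8.4 LTS lines are keyed by (major, minor); the 9.x line by (major,).
FIXED_FROM = {
    (8, 0): (8, 0, 42),
    (8, 4): (8, 4, 5),
    (9,): (9, 2, 1),
}

# Matches "Ver 8.0.41" as printed by the client, and a bare "8.0.41" as a fallback.
_VERSION_RE = re.compile(r"(?:\bVer\s+)?(\d+)\.(\d+)\.(\d+)")


def parse_version(output):
    """Extract (major, minor, patch) from `mysqldump --version` output; None if absent."""
    m = _VERSION_RE.search(output)
    if not m:
        return None
    return tuple(int(x) for x in m.groups())


def _series(version):
    # 9.x and later are keyed by major only; 8.x by (major, minor).
    return (version[0],) if version[0] >= 9 else (version[0], version[1])


def classify(version):
    """Return 'affected', 'fixed', or 'unlisted' for a parsed version tuple."""
    if any(low <= version <= high for low, high in AFFECTED_RANGES):
        return "affected"
    fixed = FIXED_FROM.get(_series(version))
    if fixed is not None and version >= fixed:
        return "fixed"
    # Not in the advisory's ranges (e.g. 8.1-8.3 innovation releases, 5.7, or a
    # future major): consult the vendor advisory rather than assuming it is safe.
    return "unlisted"


def check_output(output):
    """Classify raw `mysqldump --version` output in one step."""
    version = parse_version(output)
    return "unparsed" if version is None else classify(version)


def check_local_mysqldump():
    """Run the real binary if present; returns (output, classification) or None when not installed."""
    try:
        proc = subprocess.run(["mysqldump", "--version"], capture_output=True, text=True, check=False)
    except FileNotFoundError:
        return None
    return proc.stdout.strip(), check_output(proc.stdout)


if __name__ == "__main__":
    # Constructed sample lines in the shape the client prints; not captured from a real host.
    samples = [
        "mysqldump  Ver 8.0.41 for Linux on x86_64 (MySQL Community Server - GPL)",
        "mysqldump  Ver 8.0.42 for Linux on x86_64 (MySQL Community Server - GPL)",
        "mysqldump  Ver 8.4.4 for Linux on x86_64 (MySQL Community Server - GPL)",
        "mysqldump  Ver 9.2.0 for macos15 on arm64 (MySQL Community Server - GPL)",
        "mysqldump  Ver 8.1.0 for Linux on x86_64 (MySQL Community Server - GPL)",
    ]
    for line in samples:
        print(f"{check_output(line):9s} {line}")
    local = check_local_mysqldump()
    if local:
        print("local:", local[1], local[0])
```

Run it on each host that carries a MySQL client; the 'unlisted' result is deliberately not treated as 'fixed', because a version outside the advisory's ranges has not been assessed by this page.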

📡 Detection & Monitoring

Log Indicators:

  • Unusual mysqldump connections from unexpected IP addresses
  • Multiple failed mysqldump authentication attempts

Network Indicators:

  • Unexpected network traffic to MySQL port 3306 from unauthorized sources
  • Unusual data export patterns via mysqldump

SIEM Query:

source="mysql.log" AND (event="mysqldump" OR command="dump") AND src_ip NOT IN (trusted_ips)
