CVE-2025-50103

4.4 MEDIUM

📋 TL;DR

A vulnerability in MySQL Server's LDAP authentication component allows high-privileged attackers with network access to cause denial of service by crashing or hanging the server. This affects MySQL Server versions 9.0.0 through 9.3.0. The attack is difficult to exploit and requires administrative privileges.

💻 Affected Systems

Products:
  • Oracle MySQL Server
Versions: 9.0.0 through 9.3.0
Operating Systems: All platforms running affected MySQL versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems using LDAP authentication. Requires high-privileged attacker access.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete denial of service where MySQL Server becomes unresponsive, requiring manual restart and causing service disruption.

🟠

Likely Case

Temporary service interruption requiring database restart, potentially affecting applications relying on MySQL.

🟢

If Mitigated

Minimal impact due to proper access controls and network segmentation limiting attack surface.

🌐 Internet-Facing: MEDIUM - While network accessible, requires high privileges and complex exploitation, reducing immediate risk.
🏢 Internal Only: MEDIUM - Internal attackers with administrative access could disrupt critical database services.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Requires a high-privileged attacker (PR:H) and is difficult to exploit (AC:H). No public exploit details are available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 9.3.1 or later (check Oracle Critical Patch Update)

Vendor Advisory: https://www.oracle.com/security-alerts/cpujul2025.html

Restart Required: Yes

Instructions:

1. Check the current MySQL version.
2. Download and apply the latest patch from Oracle.
3. Restart the MySQL service.
4. Verify the patch installation.

🔧 Temporary Workarounds

Disable LDAP Authentication (platform: all)

Temporarily disable LDAP authentication if it is not required:

--skip-ldap-authentication in MySQL configuration

Restrict Network Access (platform: linux)

Limit network access to MySQL to trusted sources only. Replace trusted_ip with the address or range of your trusted clients; the ACCEPT rule must come before the DROP rule so that trusted traffic is matched first:

iptables -A INPUT -p tcp --dport 3306 -s trusted_ip -j ACCEPT
iptables -A INPUT -p tcp --dport 3306 -j DROP

🧯 If You Can't Patch

  • Implement strict access controls to limit high-privileged accounts
  • Monitor MySQL logs for unusual authentication attempts or crash events

🔍 How to Verify

Check if Vulnerable:

Run: SELECT VERSION(); and check whether the reported version is between 9.0.0 and 9.3.0 (inclusive)

Check Version:

SELECT VERSION();

Verify Fix Applied:

Run: SELECT VERSION(); and confirm the reported version is 9.3.1 or higher
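As an added example that is not part of this advisory: a small Python check that applies the version window above (9.0.0 through 9.3.0) together with the condition from the Affected Systems section that LDAP authentication must be in use. It assumes the version string comes from SELECT VERSION() and the plugin rows from information_schema.PLUGINS (PLUGIN_NAME, PLUGIN_STATUS); the sample plugin rows are constructed.

```python
"""Added example (not part of the advisory): decide whether a MySQL server
falls in the CVE-2025-50103 affected window (9.0.0 through 9.3.0) and whether
an LDAP authentication plugin is active, from SELECT VERSION() output and
rows of information_schema.PLUGINS."""
import re
from typing import Iterable, Tuple

AFFECTED_MIN = (9, 0, 0)   # first affected release named in the advisory
AFFECTED_MAX = (9, 3, 0)   # last affected release named in the advisory
LDAP_PLUGIN_PREFIX = "authentication_ldap"  # shared by MySQL's LDAP auth plugins


def parse_mysql_version(version_string: str) -> Tuple[int, int, int]:
    """Extract MAJOR.MINOR.PATCH from a SELECT VERSION() result.

    Suffixes such as '-commercial' or '-0ubuntu0.24.04.1' are ignored."""
    m = re.match(r"\s*(\d+)\.(\d+)\.(\d+)", version_string)
    if not m:
        raise ValueError(f"unrecognised MySQL version string: {version_string!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def version_in_affected_range(version_string: str) -> bool:
    """True when the version lies within 9.0.0 .. 9.3.0 inclusive."""
    return AFFECTED_MIN <= parse_mysql_version(version_string) <= AFFECTED_MAX


def ldap_auth_active(plugin_rows: Iterable[Tuple[str, str]]) -> bool:
    """plugin_rows are (PLUGIN_NAME, PLUGIN_STATUS) pairs from
    SELECT PLUGIN_NAME, PLUGIN_STATUS FROM information_schema.PLUGINS."""
    return any(name.startswith(LDAP_PLUGIN_PREFIX) and status.upper() == "ACTIVE"
               for name, status in plugin_rows)


def assess(version_string: str, plugin_rows: Iterable[Tuple[str, str]]) -> str:
    """Verdict: 'vulnerable' (affected version, LDAP auth active),
    'version-affected' (affected version, no active LDAP plugin), or
    'not-affected' (version outside the advisory's window)."""
    if not version_in_affected_range(version_string):
        return "not-affected"
    return "vulnerable" if ldap_auth_active(list(plugin_rows)) else "version-affected"


# Constructed sample data, not captured from a real server.
SAMPLE_PLUGINS = [
    ("caching_sha2_password", "ACTIVE"),
    ("authentication_ldap_simple", "ACTIVE"),
]

if __name__ == "__main__":
    for ver in ("9.2.0-commercial", "9.3.0", "9.3.1", "8.4.5"):
        print(ver, "->", assess(ver, SAMPLE_PLUGINS))
```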

📡 Detection & Monitoring

Log Indicators:

  • MySQL crash logs
  • Unexpected service restarts
  • LDAP authentication failures

Network Indicators:

  • Multiple authentication attempts from single source
  • Unusual traffic patterns between the MySQL server and its LDAP server

SIEM Query:

source="mysql.log" ("crash" OR "segmentation fault" OR "hang") AND version="9.*"
