What is CVE-2025-21504?

A medium-severity vulnerability in Oracle MySQL Server affects multiple versions and can lead to a denial-of-service condition. Attackers can exploit this easily with network access. Organizations should prioritize patching.

What is the severity of CVE-2025-21504?

CVE-2025-21504 has a severity rating of MEDIUM with a CVSS base score of 4.9.

CVE-2025-21504 | Medium Severity Vulnerability in Oracle MySQL Server

CVE-2025-21504 is a vulnerability in the MySQL Server product of Oracle MySQL, specifically within the Server: Optimizer component. This vulnerability is classified as medium severity with a CVSS score of 4.9, indicating a notable risk due to its potential impact on availability. The vulnerability affects supported versions of MySQL: 8.0.39 and prior, 8.4.2 and prior, and 9.0.1 and prior. Attackers with high privileges and network access can exploit this vulnerability, potentially resulting in a denial-of-service (DoS) condition.

The ease of exploitation, combined with the ability to cause significant disruption, underscores the urgency for organizations to address this vulnerability. Successful exploitation can lead to unauthorized hangs or repeatable crashes of the MySQL Server, impacting critical services and operations. Organizations should prioritize patching immediately.

Given that this vulnerability does not require user interaction and has a low attack complexity, it poses a significant risk to systems running affected versions of MySQL. Therefore, understanding the implications and taking swift action is crucial for mitigating the associated risks.

The vulnerability was published on January 21, 2025, and the urgency for remediation is high. Organizations using MySQL must assess their systems for potential exposure and apply necessary patches to protect their infrastructure from possible exploitation.

Vulnerability Details

The official description of CVE-2025-21504 states that it is a vulnerability in the MySQL Server product of Oracle MySQL, affecting versions 8.0.39 and prior, 8.4.2 and prior, and 9.0.1 and prior. This vulnerability allows high privileged attackers with network access via multiple protocols to compromise MySQL Server. The CVSS 3.1 Base Score is 4.9, indicating high availability impacts.

The vulnerability falls under CWE-770, which pertains to 'Allocation of Resources Without Limits or Throttling.' The attack vector is considered NETWORK, with a low attack complexity, high privileges required, and no user interaction needed. The availability impact is rated as HIGH, which is critical for organizations relying on MySQL for their operations.

Technical Analysis

The root cause of this vulnerability is associated with the MySQL Server's Optimizer component. The design flaw allows high privileged attackers to exploit the server via network access, resulting in potential service disruption. Attackers may leverage this flaw to cause hangs or crashes, leading to a denial-of-service condition.

The attack vector is categorized as NETWORK, meaning that an attacker does not need physical access to the server to exploit it. The attack complexity is rated as LOW, indicating that a successful attack can be achieved with minimal effort. The prerequisites include high privileges, which means that only users with elevated access would be able to execute the attack.

There is no user interaction required to exploit this vulnerability, making it particularly concerning for organizations. The impacts on confidentiality and integrity are rated as NONE, while the availability impact is rated as HIGH, highlighting the critical need for immediate remediation.

Risk & Impact Analysis

The risk to organizations includes potential downtime and disruption of services due to the denial-of-service capabilities of this vulnerability. A successful attack could lead to significant operational challenges, especially for organizations relying heavily on MySQL for their database solutions. With a CVSS score of 4.9, this vulnerability should be treated seriously by security teams.

Organizations should assess their environments for the MySQL versions listed as affected and prioritize mitigation efforts. The availability impact associated with this vulnerability emphasizes the urgency for patching. It is crucial to implement necessary updates and monitor systems for any signs of attempted exploitation.

Given that the exploitability score is rated as medium, security teams should consider this vulnerability in their risk assessments and remediation planning. The potential for service disruption necessitates a proactive approach to vulnerability management.

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The affected versions of Oracle MySQL Server include 8.0.39 and prior, 8.4.2 and prior, and 9.0.1 and prior. Organizations should ensure they are running the latest patched versions to mitigate this vulnerability.

Mitigation & Remediation

Organizations must prioritize patching for affected versions of MySQL Server. The latest patches from Oracle should be applied as soon as possible to eliminate the vulnerability. If immediate patching is not feasible, organizations should consider implementing configuration hardening measures and network controls to mitigate exposure.

For ongoing protection, organizations are encouraged to engage in penetration testing to identify and remediate similar vulnerabilities in their systems.

Detection Guidance

Organizations should monitor logs for unusual access patterns and signs of service disruption. Behavioral anomalies in MySQL Server performance may indicate attempts to exploit known vulnerabilities. Additionally, network signatures indicative of exploitation attempts should be established to enhance detection capabilities.

AppSecure Threat Intelligence Insight

CVE-2025-21504 highlights the ongoing need for vigilance in database security, particularly regarding vulnerabilities related to availability. Security teams should focus on implementing robust monitoring solutions to detect potential exploitation attempts early.

This vulnerability serves as a reminder of the importance of regular updates and proactive security assessments. Organizations should consider developing a comprehensive vulnerability management program to address similar issues effectively.

Furthermore, organizations should leverage resources available to enhance their security posture against evolving threats. Engaging in penetration testing methodology can provide insights into potential weaknesses before attackers exploit them.

Lastly, the significance of this vulnerability underlines the need for continuous threat intelligence updates. Staying informed about emerging vulnerabilities and actively managing them is essential for maintaining a secure operational environment.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2025-21504: Medium Severity Vulnerability in Oracle MySQL Server