How severe is CVE-2025-30685?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.9 out of 10.

What type of vulnerability is CVE-2025-30685?

This is classified as CWE-732, which is a common weakness in software security.

CVE-2025-30685 - MEDIUM Severity | CVSS 4.9

Vulnerability Description

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Related Vulnerabilities

CVE-2017-18875

MEDIUM

CVSS:4.9(Medium)

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2 when local storage for files is used. A System Admin can create arbitrary files.

CWE-7322017

CVE-2017-18876

MEDIUM

CVSS:4.9(Medium)

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2 when local storage for files is used. A System Admin can test for the existence of an arbitrary file.

CWE-7322017

CVE-2018-13025

MEDIUM

CVSS:4.9(Medium)

protected/apps/admin/controller/photoController.php in YXcms 1.4.7 allows remote attackers to delete arbitrary files via the index.php?r=admin/photo/delpic picname parameter.

CWE-7322018

CVE-2018-14886

MEDIUM

CVSS:4.9(Medium)

The module-description renderer in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier does not disable RST's local file inclusion, which allows privileged authenticated users to read...

CWE-7322018

CVE-2018-20420

MEDIUM

CVSS:4.9(Medium)

In webERP 4.15, Z_CreateCompanyTemplateFile.php has Incorrect Access Control, leading to the overwrite of an existing .sql file on the target web site by creating a template and then using ../ directo...

CWE-7322018

CVE-2019-3893

MEDIUM

CVSS:4.9(Medium)

In Foreman it was discovered that the delete compute resource operation, when executed from the Foreman API, leads to the disclosure of the plaintext password or token for the affected compute resourc...

CWE-7322019