Security scans in a Smarts M&R 7.9 environment may identify several vulnerabilities related to the bundled MySQL database.
The following CVEs have been highlighted for remediation:
CVE-2025-53040 | CVE-2025-53062
CVE-2025-53042 | CVE-2026-21936
CVE-2025-53044 | CVE-2026-21937
CVE-2025-53045 | CVE-2026-21941
CVE-2025-53053 | CVE-2026-21948
CVE-2025-53054 | CVE-2026-21964
CVE-2025-53069 | CVE-2026-21968
All supported M&R versions
These vulnerabilities exist within the specific version of Oracle MySQL bundled with the M&R 7.9 release. They typically range from low to medium severity and, depending on the specific CVE, may allow attackers with network access to cause a denial of service (DoS) or gain unauthorized access.
There is currently no manual patch or workaround available to update the MySQL component independently of the M&R product release. Customers are advised to plan for a product upgrade once the next version of M&R is available on the Broadcom Support Portal.
The resolution involves an upgrade to MySQL version 8.4.8.
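To triage a scanner finding, or to confirm the result after the upgrade, the bundled server's version banner can be compared with 8.4.8. The script below is an added example, not Broadcom tooling: the function names and sample banners are constructed, and the path to the bundled `mysqld` binary is installation-specific and not given here.

```shell
#!/bin/sh
# Added example: compare a `mysqld --version` banner with the release this
# article names as the resolution. Function names are hypothetical.
FIXED_VERSION="8.4.8"   # taken from the article's resolution statement

# Extract "X.Y.Z" from a banner such as
#   "mysqld  Ver 8.0.36 for Linux on x86_64 (MySQL Community Server - GPL)"
# Vendor suffixes (for example "-commercial") are dropped.
mysql_version_from_banner() {
    printf '%s\n' "$1" |
        sed -n 's/.*Ver \([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p'
}

# Return 0 if version $1 >= version $2. Fields are compared numerically,
# because a plain string comparison would rank 8.4.10 below 8.4.8.
version_at_least() {
    have=$1 want=$2
    old_ifs=$IFS; IFS=.
    set -- $have $want          # $1 $2 $3 = have, $4 $5 $6 = want
    IFS=$old_ifs
    [ "$1" -gt "$4" ] && return 0; [ "$1" -lt "$4" ] && return 1
    [ "$2" -gt "$5" ] && return 0; [ "$2" -lt "$5" ] && return 1
    [ "$3" -ge "$6" ]
}

# Print AT-OR-ABOVE-FIX, BELOW-FIX or UNKNOWN for one banner.
check_banner() {
    v=$(mysql_version_from_banner "$1")
    if [ -z "$v" ]; then
        echo "UNKNOWN"
    elif version_at_least "$v" "$FIXED_VERSION"; then
        echo "AT-OR-ABOVE-FIX $v"
    else
        echo "BELOW-FIX $v"
    fi
}

# Constructed sample banners. On a real host, pass the output of the bundled
# binary instead: check_banner "$("$MYSQLD" --version)", with MYSQLD set to
# that binary's path on your installation.
for banner in \
    "mysqld  Ver 8.0.36 for Linux on x86_64 (MySQL Community Server - GPL)" \
    "mysqld  Ver 8.4.8 for Linux on x86_64 (MySQL Community Server - GPL)" \
    "mysqld  Ver 8.4.10-commercial for Linux on x86_64 (MySQL Enterprise Server - Commercial)"
do
    check_banner "$banner"
done
```

A BELOW-FIX result only means the bundled server has not reached the release this article names; it is not a per-CVE assessment.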