EUVD-2025-34375

🗓️ 14 Oct 2025 18:30:35Reported by EUVDType

Improper input validation in the SQL Server JDBC driver enables unauthorized network spoofing.

Reporter	Title	Published	Views	Family All 40
IBM Security Bulletins	Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable due to spoofing vulnerabilty in MSSQL JDBC driver (CVE-2025-59250)	17 Mar 202619:38	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities affects IBM License Metric Tool v9.	9 Dec 202508:59	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions.	11 Dec 202515:30	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Maximo Application Suite - Manage Component uses mssql-jdbc-12.8.1.jre11.jar dependency which is vulnerable to CVE-2025-59250.	17 Mar 202606:44	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions	14 Apr 202615:53	–	ibm
Chainguard	CVE-2025-59250 vulnerabilities	5 Nov 202513:27	–	cgr
Circl	CVE-2025-59250	14 Oct 202516:38	–	circl
CNNVD	Microsoft JDBC Driver 输入验证错误漏洞	14 Oct 202500:00	–	cnnvd
Atlassian	Improper Input Validation in MSSQL JDBC driver in Crucible Server and Fisheye Server	3 Dec 202521:13	–	atlassian
CVE	CVE-2025-59250	14 Oct 202517:00	–	cve

[
  {
    "enisaIdVendor": [
      {
        "id": "5c01cbfe-3221-33c7-8492-11824dcc8d91",
        "vendor": {
          "name": "Microsoft"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "235be0a1-abff-324f-a32e-cdb880945012",
        "product": {
          "name": "Microsoft JDBC Driver for SQL Server 12.10"
        },
        "product_version": "1.0.0 <12.10.2"
      },
      {
        "id": "32f52a9e-bea7-3d33-8833-b597a5d51c9e",
        "product": {
          "name": "Microsoft JDBC Driver for SQL Server 10.2"
        },
        "product_version": "1.0.0 <10.2.4"
      },
      {
        "id": "9ebed268-6348-3c32-9fc8-2fb4651bd538",
        "product": {
          "name": "Microsoft JDBC Driver for SQL Server 12.8"
        },
        "product_version": "1.0.0 <12.8.2"
      },
      {
        "id": "b6ce37cf-8cce-3e64-b86b-3bc09d651c63",
        "product": {
          "name": "Microsoft JDBC Driver for SQL Server 12.4"
        },
        "product_version": "1.0.0 <12.4.3"
      },
      {
        "id": "ba5a69f2-48e9-3a61-919e-e6d634adc367",
        "product": {
          "name": "Microsoft JDBC Driver for SQL Server 12.2"
        },
        "product_version": "1.0.0 <12.2.1"
      },
      {
        "id": "bf7b33c1-08f4-373a-8cbc-17e3325f8478",
        "product": {
          "name": "Microsoft JDBC Driver for SQL Server 11.2"
        },
        "product_version": "1.0.0 <11.2.4"
      },
      {
        "id": "d954d718-941a-36e1-aa6e-b297807db51e",
        "product": {
          "name": "Microsoft JDBC Driver for SQL Server 13.2"
        },
        "product_version": "1.0.0 <13.2.1"
      },
      {
        "id": "fac330d0-6451-372a-8116-478974e1587e",
        "product": {
          "name": "Microsoft JDBC Driver for SQL Server 12.6"
        },
        "product_version": "1.0.0 <12.6.5"
      }
    ]
  }
]

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59250
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-59250

14 Oct 2025 18:30Current

6.8Medium risk

Vulners AI Score6.8

CVSS 3.18.1

EPSS0.00086

SSVC