CVE-2022-21410

Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server. The supported version that is affected is 19c. Easily exploitable vulnerability allows high privileged attacker having Create Any Procedure privilege with network access via Oracle Net to compromise Oracle Database - Enterprise Edition Sharding. Successful attacks of this vulnerability can result in takeover of Oracle Database - Enterprise Edition Sharding. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:oracle:database:19c:*:*:*:enterprise:*:*:*

History

27 Apr 2022, 17:45

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.2
v2 : 6.5
v3 : 7.2
CPE cpe:2.3:a:oracle:database:19c:*:*:*:enterprise:*:*:*
References (MISC) https://www.oracle.com/security-alerts/cpuapr2022.html - (MISC) https://www.oracle.com/security-alerts/cpuapr2022.html - Vendor Advisory
CWE NVD-CWE-noinfo

19 Apr 2022, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-04-19 21:15

Updated : 2024-02-04 22:29


NVD link : CVE-2022-21410

Mitre link : CVE-2022-21410

CVE.ORG link : CVE-2022-21410


JSON object : View

Products Affected

oracle

  • database