GHSA-9657-fg94-7m32

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.11,29,212.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network access via multiple protocols to compromise Java VM. Successful attacks of this vulnerability can result in takeover of Java VM. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).

Ссылки

EPSS

Процентиль: 74%

0.00817

Низкий

7.5 High

CVSS3

CVE ID

CVE-2020-2518

Связанные уязвимости

CVE-2020-2518

CVSS3: 7.5

nvd

около 6 лет назад

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network access via multiple protocols to compromise Java VM. Successful attacks of this vulnerability can result in takeover of Java VM. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).

BDU:2020-00529

CVSS3: 7.5

fstec

около 6 лет назад

Уязвимость компонента Java VM системы управления базами данных Oracle Database Server, позволяющая нарушителю получить полный контроль над приложением

EPSS

Процентиль: 74%

0.00817

Низкий

7.5 High

CVSS3

CVE ID

CVE-2020-2518