exploitDog

GHSA-vmj6-8wqf-54hv

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java VM. Successful attacks of this vulnerability can result in takeover of Java VM. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java VM. Successful attacks of this vulnerability can result in takeover of Java VM. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Ссылки

EPSS

Процентиль: 89%

0.04946

Низкий

9.8 Critical

CVSS3

CVE ID

Связанные уязвимости

CVE-2018-3259

CVSS3: 9.8

nvd

больше 7 лет назад

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java VM. Successful attacks of this vulnerability can result in takeover of Java VM. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

BDU:2018-01325

CVSS3: 9.8

fstec

больше 7 лет назад

Уязвимость компонента Java VM системы управления базами данных Oracle Database Server, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 89%

0.04946

Низкий

9.8 Critical

CVSS3

CVE ID