Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-3567

Опубликовано: 24 апр. 2017
Источник: nvd
CVSS3: 5.3
CVSS2: 3.5
EPSS Низкий

Описание

Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocols to compromise OJVM. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of OJVM. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:oracle:database:11.2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database:12.1.0.2:*:*:*:*:*:*:*

EPSS

Процентиль: 62%
0.00429
Низкий

5.3 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

github логотип

GHSA-9wcj-5cj6-xh9j

CVSS3: 5.3
github
больше 3 лет назад

Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocols to compromise OJVM. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of OJVM. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).

EPSS

Процентиль: 62%
0.00429
Низкий

5.3 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

NVD-CWE-noinfo