First published: Thu Oct 19 2017(Updated: )
An unspecified vulnerability in Oracle Database Server related to the Core RDBMS component could allow an authenticated attacker to take control of the system.
Credit: secalert_us@oracle.com
Affected Software | Affected Version | How to fix |
---|---|---|
Oracle Database | =11.2.0.4 | |
Oracle Database | =12.1.0.2 | |
Oracle Database | =12.2.0.1 | |
IBM ISIM VA | <=7.0.2 | |
IBM ISIM VA | <=7.0.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-10321 is an unspecified vulnerability in Oracle Database Server related to the Core RDBMS component.
Oracle Database Server versions 11.2.0.4, 12.1.0.2, and 12.2.0.1 are affected by CVE-2017-10321.
CVE-2017-10321 has a severity rating of 8.8 (high).
CVE-2017-10321 can be exploited by a low privileged attacker with the Create session privilege and logon to the infrastructure where Core RDBMS executes.
You can find more information about CVE-2017-10321 at the following references: [Link 1](https://exchange.xforce.ibmcloud.com/vulnerabilities/133750), [Link 2](https://www.ibm.com/support/pages/node/6454587), [Link 3](http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html)