First published: Wed Jan 16 2019(Updated: )
An unspecified vulnerability in Oracle Database Server related to the Core RDBMS component could allow an authenticated attacker to take control of the system.
Credit: secalert_us@oracle.com secalert_us@oracle.com
Affected Software | Affected Version | How to fix |
---|---|---|
Oracle Database | =12.1.0.2 | |
Oracle Database | =12.2.0.1 | |
Oracle Database | =18c | |
IBM ISIM VA | <=7.0.2 | |
IBM ISIM VA | <=7.0.1 | |
=12.1.0.2 | ||
=12.2.0.1 | ||
=18c |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Oracle Database Server vulnerability is CVE-2019-2444.
The versions of Oracle Database Server that are affected by this vulnerability are 12.2.0.1 and 18c.
The severity level of CVE-2019-2444 is high with a score of 8.2.
This vulnerability can be exploited by a low privileged attacker with Local Logon privilege on the infrastructure where Core RDBMS executes.
You can find more information about this vulnerability at the following references: [CVE-2019-2444](http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html), [Security Focus](http://www.securityfocus.com/bid/106584), [IBM X-Force Exchange](https://exchange.xforce.ibmcloud.com/vulnerabilities/155761).