CVE-2019-2734
First published: Wed Oct 16 2019(Updated: )
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker having Create Session, Execute on DBMS_ADVISOR privilege with network access via OracleNet to compromise Core RDBMS. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Core RDBMS accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).
Credit: secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle Database Server | =12.2.0.1 | |
| Oracle Database Server | =18c | |
| Oracle Database Server | =19c |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2019-2734?
The severity of CVE-2019-2734 is medium with a severity value of 4.3.
Which versions of Oracle Database Server are affected by CVE-2019-2734?
Oracle Database Server versions 12.2.0.1, 18c, and 19c are affected by CVE-2019-2734.
What privileges does an attacker need to exploit CVE-2019-2734?
An attacker needs the Create Session and Execute on DBMS_ADVISOR privileges with network access via OracleNet to exploit CVE-2019-2734.
How can I fix CVE-2019-2734?
To fix CVE-2019-2734, apply the necessary patches provided by Oracle as mentioned in their security advisory.
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/remedy
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/oracle
- canonical/oracle database server
- version/oracle database server/12.2.0.1
- version/oracle database server/18c
- version/oracle database server/19c