First published: Tue Apr 19 2022(Updated: )
Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server. The supported version that is affected is 19c. Easily exploitable vulnerability allows high privileged attacker having Create Any Procedure privilege with network access via Oracle Net to compromise Oracle Database - Enterprise Edition Sharding. Successful attacks of this vulnerability can result in takeover of Oracle Database - Enterprise Edition Sharding. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
Credit: secalert_us@oracle.com
Affected Software | Affected Version | How to fix |
---|---|---|
Oracle Database | =19c |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2022-21410 is high with a CVSS score of 7.2.
Oracle Database version 19c is affected by CVE-2022-21410.
Yes, CVE-2022-21410 is an easily exploitable vulnerability.
An attacker with Create Any Procedure privilege can exploit CVE-2022-21410.
CVE-2022-21410 can be exploited through network access via Oracle Net.