First published: Tue Jul 19 2022(Updated: )
Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server. For supported versions that are affected see note. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Oracle Database - Enterprise Edition Sharding executes to compromise Oracle Database - Enterprise Edition Sharding. While the vulnerability is in Oracle Database - Enterprise Edition Sharding, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle Database - Enterprise Edition Sharding. Note: None of the supported versions are affected. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
Credit: secalert_us@oracle.com
Affected Software | Affected Version | How to fix |
---|---|---|
Oracle Database |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2022-21510 is high with a CVSS score of 8.8.
The Oracle Database - Enterprise Edition Sharding component is affected by CVE-2022-21510.
A low privileged attacker with Local Logon privilege can exploit CVE-2022-21510.
Oracle Database - Enterprise Edition with all versions is affected by CVE-2022-21510.
More information about CVE-2022-21510 can be found at the Oracle Security Alerts website: https://www.oracle.com/security-alerts/cpujul2022.html