8.3
CVE-2021-2018
- EPSS 1.34%
- Veröffentlicht 20.01.2021 15:15:46
- Zuletzt bearbeitet 21.11.2024 06:02:11
- Quelle secalert_us@oracle.com
- Teams Watchlist Login
- Unerledigt Login
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 18c and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Advanced Networking Option, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Advanced Networking Option. Note: CVE-2021-2018 affects Windows platform only. CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Oracle ≫ Advanced Networking Option Version18c
Oracle ≫ Advanced Networking Option Version19c
Oracle ≫ Adaptive Access Manager Version11.1.2.3.0
Oracle ≫ Data Integrator Version11.1.1.9.0
Oracle ≫ Data Integrator Version12.2.1.3.0
Oracle ≫ Data Integrator Version12.2.1.4.0
Oracle ≫ Enterprise Manager For Fusion Applications Version13.3.0.0
Oracle ≫ Hospitality Simphony Version18.2.7.2
Oracle ≫ Hospitality Simphony Version19.1.3
Oracle ≫ Weblogic Server Version12.2.1.3.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.34% | 0.794 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.1 | 4.9 | 6.4 |
AV:N/AC:H/Au:N/C:P/I:P/A:P
|
| secalert_us@oracle.com | 8.3 | 1.6 | 6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
|