N/A

Vulnerability in the RDBMS Security component of Oracle Database Server. Supported versions that are affected are 12.2.0.1, 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having DBA privilege with network access via Oracle Net to compromise RDBMS Security. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of RDBMS Security as well as unauthorized update, insert or delete access to some of RDBMS Security accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H

N/A

Oracle Database Server 输入验证错误漏洞

Oracle Database Server是美国甲骨文（Oracle）公司的一套关系数据库管理系统。该数据库管理系统提供数据管理、分布式处理等功能。 Oracle Database Server 的 RDBMS 安全组件中存在输入验证错误漏洞，该漏洞允许具有 DBA 权限的高特权攻击者通过 Oracle Net 访问网络来破坏 RDBMS 安全性。成功攻击此漏洞可导致 RDBMS 安全挂起或频繁重复崩溃，以及对某些 RDBMS 安全可访问数据进行未经授权的更新、插入或删除访问。

N/A

N/A