Vulnerability Details : CVE-2022-21603
Vulnerability in the Oracle Database - Sharding component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having Local Logon privilege with network access via Local Logon to compromise Oracle Database - Sharding. Successful attacks of this vulnerability can result in takeover of Oracle Database - Sharding. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
Products affected by CVE-2022-21603
- cpe:2.3:a:oracle:database_-_sharding:19c:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_-_sharding:21c:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-21603
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 18 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-21603
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
1.2
|
5.9
|
Oracle |
References for CVE-2022-21603
-
https://www.oracle.com/security-alerts/cpuoct2022.html
Patch;Vendor Advisory
Jump to