CVE-2019-2569
Summary
| CVE | CVE-2019-2569 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-07-23 23:15:00 UTC |
| Updated | 2020-08-24 17:37:00 UTC |
| Description | Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Difficult to exploit vulnerability allows high privileged attacker having Local Logon privilege with logon to the infrastructure where Core RDBMS executes to compromise Core RDBMS. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Core RDBMS accessible data. CVSS 3.0 Base Score 4.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N). |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Oracle | Database Server | 11.2.0.4 | All | All | All |
| Application | Oracle | Database Server | 12.1.0.2 | All | All | All |
| Application | Oracle | Database Server | 12.2.0.1 | All | All | All |
| Application | Oracle | Database Server | 11.2.0.4 | All | All | All |
| Application | Oracle | Database Server | 12.1.0.2 | All | All | All |
| Application | Oracle | Database Server | 12.2.0.1 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Oracle Critical Patch Update Advisory - July 2019 | MISC | www.oracle.com | Patch, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.