Oracle Database Enterprise Edition 12.1.0.2/19c/21c input validation

A vulnerability was found in Oracle Database Enterprise Edition 12.1.0.2/19c/21c (Database Software) and classified as very critical. Affected by this issue is an unknown code block. Upgrading eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Field07/20/2022 08:15 AM08/06/2022 02:36 PM08/06/2022 02:37 PM
vendorOracleOracleOracle
nameDatabase Enterprise EditionDatabase Enterprise EditionDatabase Enterprise Edition
cveCVE-2020-35169CVE-2020-35169CVE-2020-35169
risk333
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prNNN
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cHHH
cvss3_vuldb_iHHH
cvss3_vuldb_aNNN
version12.1.0.2/19c/21c12.1.0.2/19c/21c12.1.0.2/19c/21c
cvss3_vuldb_rcCCC
cvss3_vuldb_rlOOO
urlhttps://www.oracle.com/security-alerts/cpujul2022.htmlhttps://www.oracle.com/security-alerts/cpujul2022.htmlhttps://www.oracle.com/security-alerts/cpujul2022.html
date1658181600 (07/19/2022)1658181600 (07/19/2022)1658181600 (07/19/2022)
identifierOracle Critical Patch Update Advisory - July 2022Oracle Critical Patch Update Advisory - July 2022Oracle Critical Patch Update Advisory - July 2022
date1658181600 (07/19/2022)1658181600 (07/19/2022)1658181600 (07/19/2022)
nameUpgradeUpgradeUpgrade
typeDatabase SoftwareDatabase SoftwareDatabase Software
cvss2_vuldb_avNNN
cvss2_vuldb_acLLL
cvss2_vuldb_auNNN
cvss2_vuldb_ciCCC
cvss2_vuldb_iiCCC
cvss2_vuldb_aiNNN
cvss2_vuldb_rcCCC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_eNDNDND
cvss3_vuldb_eXXX
cvss2_vuldb_basescore9.49.49.4
cvss2_vuldb_tempscore8.28.28.2
cvss3_vuldb_basescore9.19.19.1
cvss3_vuldb_tempscore8.78.78.7
cvss3_meta_basescore9.19.19.3
cvss3_meta_tempscore8.78.79.2
price_0day$100k and more$100k and more$25k-$100k
cve_assigned1607641200 (12/11/2020)1607641200 (12/11/2020)
cve_nvd_summaryDell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Improper Input Validation Vulnerability.Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Improper Input Validation Vulnerability.
cvss3_nvd_basescore9.8
cvss3_cna_basescore9.1
cwe0020 (input validation)
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iH
cvss3_nvd_aH
cvss2_nvd_avN
cvss2_nvd_acL
cvss2_nvd_auN
cvss2_nvd_ciP
cvss2_nvd_iiP
cvss2_nvd_aiP
cvss3_cna_avN
cvss3_cna_acL
cvss3_cna_prN
cvss3_cna_uiN
cvss3_cna_sU
cvss3_cna_cH
cvss3_cna_iH
cvss3_cna_aN
cve_cnaDell
cvss2_nvd_basescore7.5

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!