Oracle Java VM 12.1.0.2/19c/21c Create Procedure unknown vulnerability

A vulnerability was found in Oracle Java VM 12.1.0.2/19c/21c (Programming Language Software). It has been rated as critical. This issue affects an unknown functionality of the component Create Procedure. Upgrading eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Field07/20/2022 08:15 AM08/06/2022 02:51 PM08/06/2022 02:55 PM
vendorOracleOracleOracle
nameJava VMJava VMJava VM
cveCVE-2022-21565CVE-2022-21565CVE-2022-21565
componentCreate ProcedureCreate ProcedureCreate Procedure
risk222
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prLLL
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cNNN
cvss3_vuldb_iHHH
cvss3_vuldb_aNNN
version12.1.0.2/19c/21c12.1.0.2/19c/21c12.1.0.2/19c/21c
cvss3_vuldb_rcCCC
cvss3_vuldb_rlOOO
urlhttps://www.oracle.com/security-alerts/cpujul2022.htmlhttps://www.oracle.com/security-alerts/cpujul2022.htmlhttps://www.oracle.com/security-alerts/cpujul2022.html
date1658181600 (07/19/2022)1658181600 (07/19/2022)1658181600 (07/19/2022)
identifierOracle Critical Patch Update Advisory - July 2022Oracle Critical Patch Update Advisory - July 2022Oracle Critical Patch Update Advisory - July 2022
date1658181600 (07/19/2022)1658181600 (07/19/2022)1658181600 (07/19/2022)
nameUpgradeUpgradeUpgrade
typeProgramming Language SoftwareProgramming Language SoftwareProgramming Language Software
cvss2_vuldb_avNNN
cvss2_vuldb_acLLL
cvss2_vuldb_ciNNN
cvss2_vuldb_iiCCC
cvss2_vuldb_aiNNN
cvss2_vuldb_rcCCC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_auSSS
cvss2_vuldb_eNDNDND
cvss3_vuldb_eXXX
cvss2_vuldb_basescore6.86.86.8
cvss2_vuldb_tempscore5.95.95.9
cvss3_vuldb_basescore6.56.56.5
cvss3_vuldb_tempscore6.26.26.2
cvss3_meta_basescore6.56.56.5
cvss3_meta_tempscore6.26.26.3
price_0day$25k-$100k$25k-$100k$25k-$100k
price_trend---
cve_assigned1636930800 (11/15/2021)1636930800 (11/15/2021)
cve_nvd_summaryVulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java VM accessible data. CVSS 3.1 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N).Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java VM accessible data. CVSS 3.1 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N).
cvss3_cna_avN
cvss3_cna_acL
cvss3_cna_prL
cvss3_cna_uiN
cvss3_cna_sU
cvss3_cna_cN
cvss3_cna_iH
cvss3_cna_aN
cve_cnaOracle
cvss3_cna_basescore6.5

Do you need the next level of professionalism?

Upgrade your account now!