Oracle Database Enterprise Edition RDBMS Security 12.1.0.2/19c/21c DBA role denial of service

A vulnerability has been found in Oracle Database Enterprise Edition RDBMS Security 12.1.0.2/19c/21c (Database Software) and classified as problematic. This vulnerability affects some unknown processing of the component DBA role. Upgrading eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Field07/20/2022 08:15 AM08/06/2022 03:28 PM08/06/2022 03:33 PM
vendorOracleOracleOracle
nameDatabase Enterprise Edition RDBMS SecurityDatabase Enterprise Edition RDBMS SecurityDatabase Enterprise Edition RDBMS Security
cveCVE-2022-21432CVE-2022-21432CVE-2022-21432
componentDBA roleDBA roleDBA role
risk111
cwe404 (denial of service)404 (denial of service)404 (denial of service)
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prHHH
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cNNN
cvss3_vuldb_iNNN
cvss3_vuldb_aLLL
version12.1.0.2/19c/21c12.1.0.2/19c/21c12.1.0.2/19c/21c
cvss3_vuldb_rcCCC
cvss3_vuldb_rlOOO
urlhttps://www.oracle.com/security-alerts/cpujul2022.htmlhttps://www.oracle.com/security-alerts/cpujul2022.htmlhttps://www.oracle.com/security-alerts/cpujul2022.html
date1658181600 (07/19/2022)1658181600 (07/19/2022)1658181600 (07/19/2022)
identifierOracle Critical Patch Update Advisory - July 2022Oracle Critical Patch Update Advisory - July 2022Oracle Critical Patch Update Advisory - July 2022
date1658181600 (07/19/2022)1658181600 (07/19/2022)1658181600 (07/19/2022)
nameUpgradeUpgradeUpgrade
typeDatabase SoftwareDatabase SoftwareDatabase Software
cvss2_vuldb_avNNN
cvss2_vuldb_acLLL
cvss2_vuldb_auMMM
cvss2_vuldb_ciNNN
cvss2_vuldb_iiNNN
cvss2_vuldb_aiPPP
cvss2_vuldb_rcCCC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_eNDNDND
cvss3_vuldb_eXXX
cvss2_vuldb_basescore3.33.33.3
cvss2_vuldb_tempscore2.92.92.9
cvss3_vuldb_basescore2.72.72.7
cvss3_vuldb_tempscore2.62.62.6
cvss3_meta_basescore2.72.72.7
cvss3_meta_tempscore2.62.62.6
price_0day$0-$5k$0-$5k$0-$5k
cve_assigned1636930800 (11/15/2021)1636930800 (11/15/2021)
cve_nvd_summaryVulnerability in the Oracle Database - Enterprise Edition RDBMS Security component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having DBA role privilege with network access via Oracle Net to compromise Oracle Database - Enterprise Edition RDBMS Security. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Database - Enterprise Edition RDBMS Security. CVSS 3.1 Base Score 2.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L).Vulnerability in the Oracle Database - Enterprise Edition RDBMS Security component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having DBA role privilege with network access via Oracle Net to compromise Oracle Database - Enterprise Edition RDBMS Security. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Database - Enterprise Edition RDBMS Security. CVSS 3.1 Base Score 2.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L).
cvss3_cna_avN
cvss3_cna_acL
cvss3_cna_prH
cvss3_cna_uiN
cvss3_cna_sU
cvss3_cna_cN
cvss3_cna_iN
cvss3_cna_aL
cve_cnaOracle
cvss3_cna_basescore2.7

Do you need the next level of professionalism?

Upgrade your account now!