VDB

CVE-2017-10120

CVE-2017-10120 PUBLISHED CVSS 1.899999976158142 LOW

Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having Create Session, Select Any Dictionary privilege with logon to the infrastructure where RDBMS Security executes to compromise RDBMS Security. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of RDBMS Security accessible data. CVSS 3.0 Base Score 1.9 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N).

EPSS 0.08% · 24.0th percentile

Risk Scores

CVSS 2.0
1.899999976158142
EPSS Score
0.08%
24.0th percentile

Affected Products

VendorProductVersions
oracledatabase_server12.1.0.2
Oracle CorporationOracle Database12.1.0.2

Exploit Intelligence

…and 25 more exploits

Timeline

  • Jun 20, 2016 PoC Published
  • Aug 8, 2017 CVE Published
  • Jul 20, 2018 PoC Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 28, 2022 EPSS Score
  • May 2, 2022 EPSS Score
  • May 13, 2022 CVE Updated
  • Jul 3, 2022 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›