VDB
CVE-2021-2326
CVE-2021-2326
PUBLISHED
CVSS 2.700000047683716 LOW
Vulnerability in the Database Vault component of Oracle Database Server. Supported versions that are affected are 12.2.0.1 and 19c. Easily exploitable vulnerability allows high privileged attacker having DBA privilege with network access via Oracle Net to compromise Database Vault. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Database Vault accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).
EPSS 0.18% · 39.8th percentile
Risk Scores
CVSS 3.1
2.700000047683716
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
EPSS Score
0.18%
39.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| oracle | database_vault | 19c, 12.2.0.1 |
| Oracle Corporation | Database - Enterprise Edition | 12.2.0.1, 19c |
Exploit Intelligence
- https://www.oracle.com/security-alerts/cpujul2021.html (circl)
- cve-2023-22527-yara.yar (github-yara)
- cve-2023-22527-yara.yar (github-yara)
- cve-2023-22527-yara.yar (github-yara)
- cve-2023-22527-yara.yar (github-yara)
Timeline
- Jul 20, 2021 CVE Published
- Jul 21, 2021 EPSS Score
- Sep 18, 2021 EPSS Score
- Nov 17, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Mar 16, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 14, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 11, 2022 EPSS Score
- Nov 9, 2022 EPSS Score