VDB
CVE-2022-21410
CVE-2022-21410
PUBLISHED
CVSS 7.199999809265137 HIGH
Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server. The supported version that is affected is 19c. Easily exploitable vulnerability allows high privileged attacker having Create Any Procedure privilege with network access via Oracle Net to compromise Oracle Database - Enterprise Edition Sharding. Successful attacks of this vulnerability can result in takeover of Oracle Database - Enterprise Edition Sharding. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
EPSS 1.23% · 79.4th percentile
Risk Scores
CVSS v3.1
7.199999809265137
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score
1.23%
79.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle Corporation | Database - Enterprise Edition | 19c |
| oracle | database | 19c |
Timeline
- Apr 19, 2022 CVE Published
- Apr 20, 2022 EPSS Score
- Jun 9, 2022 EPSS Score
- Jul 30, 2022 EPSS Score
- Sep 18, 2022 EPSS Score
- Nov 7, 2022 EPSS Score
- Dec 27, 2022 EPSS Score
- Feb 15, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 14, 2023 EPSS Score
- Sep 2, 2023 EPSS Score