CVE-2022-21603 — Vulnetix

Try Vulnetix Request Demo

CVE-2022-21603 PUBLISHED CVSS 7.199999809265137 HIGH

Vulnerability in the Oracle Database - Sharding component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having Local Logon privilege with network access via Local Logon to compromise Oracle Database - Sharding. Successful attacks of this vulnerability can result in takeover of Oracle Database - Sharding. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

EPSS 1.24% · 79.2th percentile

Risk Scores

CVSS v3.1

7.199999809265137

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Score

1.24%

79.2th percentile

Affected Products

Vendor	Product	Versions
Oracle Corporation	Database - Enterprise Edition	19c, 21c
oracle	database_-_sharding	19c, 21c

Timeline

Oct 18, 2022 CVE Published
Oct 19, 2022 EPSS Score
Dec 1, 2022 EPSS Score
Jan 13, 2023 EPSS Score
Feb 26, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 10, 2023 EPSS Score
May 23, 2023 EPSS Score
Jul 5, 2023 EPSS Score
Aug 17, 2023 EPSS Score
Sep 29, 2023 EPSS Score
Nov 12, 2023 EPSS Score

References

Open in Interactive Console →