VDB

GSD-2023-22077

GSD-2023-22077 PUBLISHED CVSS 4.900000095367432 MEDIUM

Vulnerability in the Oracle Database Recovery Manager component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having DBA account privilege with network access via Oracle Net to compromise Oracle Database Recovery Manager. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Database Recovery Manager. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Risk Scores

CVSS v3.1
4.900000095367432
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Oracle CorporationDatabase - Enterprise Edition19.3, 21.3

Timeline

  • Aug 6, 2025 PoC Published
  • Apr 21, 2026 CVE Published

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›