Lucene search
OracleCVELIST:CVE-2019-2956HistoryOct 16, 2019 - 5:40 p.m.
CVE-2019-2956
2019-10-1617:40:56
oracle
www.cve.org
6
Vulnerability in the Core RDBMS (jackson-databind) component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via multiple protocols to compromise Core RDBMS (jackson-databind). Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Core RDBMS (jackson-databind). CVSS 3.0 Base Score 5.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H).
CNA Affected
[
{
"product": "Oracle Database",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "12.1.0.2"
},
{
"status": "affected",
"version": "12.2.0.1"
},
{
"status": "affected",
"version": "18c"
},
{
"status": "affected",
"version": "19c"
}
]
}
]Related
nvd
nvd
CVE-2019-2956
2019-10-16 18:15:30
prion
prion
Design/Logic Flaw
2019-10-16 18:15:00
symantec
symantec
Oracle Database Server CVE-2019-2956 Remote Security Vulnerability
2019-10-15 00:00:00
cve
cve
CVE-2019-2956
2019-10-16 18:15:30
ibm
ibm
nessus
nessus
Oracle Database Server Multiple Vulnerabilities (Oct 2019 CPU)
2019-10-18 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2019
2020-01-22 00:00:00