CVE-2021-2351

🗓️ 21 Jul 2021 15:15:21Reported by [email protected]Type

Vulnerability in Oracle Database Server's Advanced Networking Option, versions 12.1.0.2, 12.2.0.1, 19c, may lead to takeove

Reporter	Title	Published	Views	Family All 58
0day.today	Oracle Database Weak NNE Integrity Key Derivation Vulnerability	13 Dec 202100:00	–	zdt
0day.today	Oracle Database Protection Mechanism Bypass Vulnerability	13 Dec 202100:00	–	zdt
IBM Security Bulletins	Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Strategic Supply Management Platform (CVE-2021-2351)	22 Oct 202106:38	–	ibm
IBM Security Bulletins	Security Bulletin: Oracle Database Server Security Vulnerability Affects IBM Emptoris Sourcing (CVE-2021-2351)	22 Oct 202106:40	–	ibm
IBM Security Bulletins	Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Contract Management (CVE-2021-2351)	22 Oct 202106:36	–	ibm
IBM Security Bulletins	Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Supplier Lifecycle Mgmt (CVE-2021-2351)	22 Oct 202106:37	–	ibm
IBM Security Bulletins	Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Program Management (CVE-2021-2351)	22 Oct 202106:39	–	ibm
BDU FSTEC	The vulnerability of the Advanced Networking Option component of the Oracle Database Server allows a attacker to execute a “man-in-the-middle” attack and gain full control over the system.	20 Dec 202100:00	–	bdu_fstec
CNNVD	Oracle Database Server 授权问题漏洞	20 Jul 202100:00	–	cnnvd
CNVD	Oracle Database Server has an unspecified vulnerability (CNVD-2022-09810)	21 Jul 202100:00	–	cnvd

NVD

Node

oracle advanced_networking_optionMatch12.1.0.2

oracle advanced_networking_optionMatch12.2.0.1

oracle advanced_networking_optionMatch19c

oracle agile_engineering_data_managementMatch6.2.1.0

oracle agile_plmMatch9.3.6

oracle agile_product_lifecycle_management_for_processMatch6.2.2.0

oracle agile_product_lifecycle_management_for_processMatch6.2.3.0

oracle airlines_data_modelMatch12.1.1.0.0

oracle airlines_data_modelMatch12.2.0.1.0

oracle application_performance_managementMatch13.4.1.0

oracle application_performance_managementMatch13.5.1.0

oracle application_testing_suiteMatch13.3.0.1

oracle argus_analyticsMatch8.2.1

oracle argus_analyticsMatch8.2.2

oracle argus_analyticsMatch8.2.3

oracle argus_insightMatch8.2.1

oracle argus_insightMatch8.2.2

oracle argus_insightMatch8.2.3

oracle argus_martMatch8.2.1

oracle argus_martMatch8.2.2

oracle argus_martMatch8.2.3

oracle argus_safetyMatch8.2.1

oracle argus_safetyMatch8.2.2

oracle argus_safetyMatch8.2.3

oracle banking_apisRange18.1–18.3

oracle banking_apisMatch19.1

oracle banking_apisMatch19.2

oracle banking_apisMatch20.1

oracle banking_apisMatch21.1

oracle banking_digital_experienceRange18.1–18.3

oracle banking_digital_experienceMatch17.2

oracle banking_digital_experienceMatch19.1

oracle banking_digital_experienceMatch19.2

oracle banking_digital_experienceMatch20.1

oracle banking_digital_experienceMatch21.1

oracle banking_enterprise_default_managementMatch2.10.0

oracle banking_enterprise_default_managementMatch2.12.0

oracle banking_platformMatch2.6.2

oracle banking_platformMatch2.7.1

oracle banking_platformMatch2.12.0

oracle big_data_spatial_and_graphRange<23.1

oracle blockchain_platformMatch21.1.2

oracle clinicalMatch5.2.1

oracle clinicalMatch5.2.2

oracle commerce_platformMatch11.3.0

oracle commerce_platformMatch11.3.1

oracle commerce_platformMatch11.3.2

oracle communications_application_session_controllerMatch3.9.0

oracle communications_billing_and_revenue_managementMatch12.0.0.4

oracle communications_billing_and_revenue_managementMatch12.0.0.5

oracle communications_calendar_serverMatch8.0.0.5.0

oracle communications_contacts_serverMatch8.0.0.3.0

oracle communications_convergent_charging_controllerRange12.0.1.0.0–12.0.4.0.0

oracle communications_convergent_charging_controllerMatch6.0.1.0.0

oracle communications_data_modelMatch11.3.2.1.0

oracle communications_data_modelMatch11.3.2.2.0

oracle communications_data_modelMatch11.3.2.3.0

oracle communications_data_modelMatch12.1.0.1.0

oracle communications_data_modelMatch12.1.2.0.0

oracle communications_design_studioMatch7.3.5

oracle communications_design_studioMatch7.4.0

oracle communications_design_studioMatch7.4.1

oracle communications_design_studioMatch7.4.2

oracle communications_diameter_intelligence_hubRange8.0.0–8.2.3

oracle communications_ip_service_activatorMatch7.4.0

oracle communications_metasolv_solutionMatch6.3.1

oracle communications_network_charging_and_controlRange12.0.1.0–12.0.4.0.0

oracle communications_network_charging_and_controlMatch6.0.1.0.0

oracle communications_network_integrityMatch7.3.5

oracle communications_network_integrityMatch7.3.6

oracle communications_pricing_design_centerMatch12.0.0.4

oracle communications_pricing_design_centerMatch12.0.0.5

oracle communications_services_gatekeeperMatch7.0

oracle communications_session_report_managerRange8.0.0–8.2.5.0

oracle communications_session_route_managerRange8.2.0–8.2.5

oracle data_integratorMatch12.2.1.3.0

oracle data_integratorMatch12.2.1.4.0

oracle demantra_demand_managementRange12.2.6–12.2.11

oracle documakerRange12.6.2–12.6.4

oracle documakerMatch12.6.0

oracle documakerMatch12.7.0

oracle enterprise_data_qualityMatch12.2.1.3.0

oracle enterprise_data_qualityMatch12.2.1.4.0

oracle enterprise_manager_base_platformMatch13.4.0.0

oracle enterprise_manager_base_platformMatch13.5.0.0

oracle enterprise_manager_ops_centerMatch12.4.0.0

oracle financial_services_analytical_applications_infrastructureRange8.0.7–8.1.1

oracle financial_services_behavior_detection_platformMatch8.0.7

oracle financial_services_behavior_detection_platformMatch8.0.8

oracle financial_services_behavior_detection_platformMatch8.0.11

oracle financial_services_enterprise_case_managementMatch8.0.7

oracle financial_services_enterprise_case_managementMatch8.0.8

oracle financial_services_enterprise_case_managementMatch8.0.11

oracle financial_services_foreign_account_tax_compliance_act_managementMatch8.0.7

oracle financial_services_foreign_account_tax_compliance_act_managementMatch8.0.8

oracle financial_services_foreign_account_tax_compliance_act_managementMatch8.0.11

oracle financial_services_model_management_and_governanceRange8.0.8.0.0–8.1.1.0.0

oracle financial_services_trade-based_anti_money_launderingMatch8.0.7enterprise

oracle financial_services_trade-based_anti_money_launderingMatch8.0.8enterprise

oracle flexcube_investor_servicingMatch12.0.4

oracle flexcube_investor_servicingMatch12.1.0

oracle flexcube_investor_servicingMatch12.3.0

oracle flexcube_investor_servicingMatch12.4.0

oracle flexcube_investor_servicingMatch14.4.0

oracle flexcube_investor_servicingMatch14.5.0

oracle flexcube_private_bankingMatch12.0.0

oracle flexcube_private_bankingMatch12.1.0

oracle fusion_middlewareMatch12.2.1.3.0

oracle fusion_middlewareMatch12.2.1.4.0

oracle goldengateRange<12.3.0.1.0

oracle goldengateRange19.1.0.0.1–21.5.0.0.220118

oracle goldengate_application_adaptersRange<23.1

oracle graph_server_and_clientRange<21.4.0

oracle health_sciences_clinical_development_analyticsMatch4.0.1

oracle health_sciences_inform_crf_submitMatch6.2.1

oracle health_sciences_information_managerMatch3.0.2

oracle health_sciences_information_managerMatch3.0.3

oracle healthcare_data_repositoryMatch7.0.2

oracle healthcare_data_repositoryMatch8.1.0

oracle healthcare_data_repositoryMatch8.1.1

oracle healthcare_foundationRange7.3.0–7.3.0.2

oracle healthcare_foundationRange8.0.0–8.0.2

oracle healthcare_foundationRange8.1.0–8.1.1

oracle healthcare_translational_researchMatch4.1.0

oracle hospitality_inventory_managementRange<9.1.0

oracle hospitality_inventory_managementMatch9.1.0

oracle hospitality_opera_5Match5.6

oracle hospitality_reporting_and_analyticsMatch9.1.0

oracle hospitality_suite8Match8.10.2

oracle hospitality_suite8Match8.11.0

oracle hospitality_suite8Match8.12.0

oracle hospitality_suite8Match8.13.0

oracle hospitality_suite8Match8.14.0

oracle hyperion_infrastructure_technologyMatch11.2.7.0

oracle ilearningMatch6.2

oracle ilearningMatch6.3

oracle instantis_enterprisetrackMatch17.1

oracle instantis_enterprisetrackMatch17.2

oracle instantis_enterprisetrackMatch17.3

oracle insurance_data_gatewayMatch11.0.2

oracle insurance_data_gatewayMatch11.1.0

oracle insurance_data_gatewayMatch11.2.7

oracle insurance_data_gatewayMatch11.3.0

oracle insurance_data_gatewayMatch11.3.1

oracle insurance_insbridge_rating_and_underwritingRange5.4–5.6.0

oracle insurance_insbridge_rating_and_underwritingMatch5.2.0

oracle insurance_policy_administrationMatch11.0.2

oracle insurance_policy_administrationMatch11.1.0

oracle insurance_policy_administrationMatch11.2.7

oracle insurance_policy_administrationMatch11.3.0

oracle insurance_policy_administrationMatch11.3.1

oracle insurance_rules_paletteMatch11.0.2

oracle insurance_rules_paletteMatch11.1.0

oracle insurance_rules_paletteMatch11.2.7

oracle insurance_rules_paletteMatch11.3.0

oracle insurance_rules_paletteMatch11.3.1

oracle jd_edwards_enterpriseone_toolsMatch9.2.6.3

oracle oss_support_toolsRange<2.12.42

oracle peoplesoft_enterprise_peopletoolsMatch8.57

oracle peoplesoft_enterprise_peopletoolsMatch8.58

oracle peoplesoft_enterprise_peopletoolsMatch8.59

oracle policy_automationRange12.2.0–12.2.24

oracle primavera_analyticsMatch18.8.3.3

oracle primavera_analyticsMatch19.12.11.1

oracle primavera_analyticsMatch20.12.12.0

oracle primavera_data_warehouseMatch18.8.3.3

oracle primavera_data_warehouseMatch19.12.11.1

oracle primavera_data_warehouseMatch20.12.12.0

oracle primavera_gatewayRange17.12.0–17.12.11

oracle primavera_gatewayRange18.8.0–18.8.12

oracle primavera_gatewayRange19.12.0–19.12.11

oracle primavera_gatewayRange20.12.0–20.12.7

oracle primavera_p6_enterprise_project_portfolio_managementRange17.12.0.0–17.12.20

oracle primavera_p6_enterprise_project_portfolio_managementRange18.8.0.0–18.8.24

oracle primavera_p6_enterprise_project_portfolio_managementRange19.12.0.0–19.12.17.0

oracle primavera_p6_enterprise_project_portfolio_managementRange20.12.0.0–20.12.9.0

oracle primavera_p6_professional_project_managementRange17.12–17.12.20.0

oracle primavera_p6_professional_project_managementRange18.8–18.8.24.0

oracle primavera_p6_professional_project_managementRange19.12.0.0–19.12.17.0

oracle primavera_p6_professional_project_managementRange20.12.0.0–20.12.9.0

oracle primavera_unifierRange17.7–17.12

oracle primavera_unifierMatch18.8

oracle primavera_unifierMatch19.12

oracle primavera_unifierMatch20.12

oracle primavera_unifierMatch21.12

oracle product_lifecycle_analyticsMatch3.6.1

oracle rapid_planningRange12.2.6–12.2.11

oracle real_user_experience_insightMatch13.4.1.0

oracle real_user_experience_insightMatch13.5.1.0

oracle retail_analyticsRange16.0.0–16.0.2

oracle retail_assortment_planningMatch16.0.3

oracle retail_back_officeMatch14.1

oracle retail_central_officeMatch14.1

oracle retail_customer_insightsRange16.0–16.0.2

oracle retail_extract_transform_and_loadMatch13.2.8

oracle retail_financial_integrationMatch14.1.3.2

oracle retail_financial_integrationMatch15.0.3.1

oracle retail_financial_integrationMatch16.0.3.0

oracle retail_financial_integrationMatch19.0.1

oracle retail_integration_busMatch14.1.3.2

oracle retail_integration_busMatch15.0.3.1

oracle retail_integration_busMatch16.0.3

oracle retail_integration_busMatch19.0.1

oracle retail_merchandising_systemMatch19.0.1

oracle retail_order_brokerMatch16.0

oracle retail_order_brokerMatch18.0

oracle retail_order_brokerMatch19.1

oracle retail_order_management_systemMatch19.5

oracle retail_point-of-serviceMatch14.1

oracle retail_predictive_application_serverMatch14.1.3

oracle retail_predictive_application_serverMatch15.0.3

oracle retail_predictive_application_serverMatch16.0.3

oracle retail_price_managementMatch14.1

oracle retail_price_managementMatch15.0

oracle retail_price_managementMatch16.0

oracle retail_returns_managementMatch14.1

oracle retail_service_backboneMatch14.1.3.2

oracle retail_service_backboneMatch15.0.3.1

oracle retail_service_backboneMatch16.0.3

oracle retail_service_backboneMatch19.0.1

oracle retail_store_inventory_managementMatch14.1

oracle retail_store_inventory_managementMatch15.0

oracle retail_store_inventory_managementMatch16.0

oracle retail_xstore_point_of_serviceMatch17.0.4

oracle retail_xstore_point_of_serviceMatch18.0.3

oracle retail_xstore_point_of_serviceMatch19.0.2

oracle retail_xstore_point_of_serviceMatch20.0.1

oracle siebel_ui_frameworkRange≤21.12

oracle spatial_studioRange<21.2.1

oracle storagetek_acslsMatch8.5.1

oracle storagetek_tape_analyticsMatch2.4

oracle thesaurus_management_systemMatch5.2.3

oracle thesaurus_management_systemMatch5.3.0

oracle thesaurus_management_systemMatch5.3.1

oracle timesten_in-memory_databaseRange<21.1.1.1.0

oracle timesten_in-memory_databaseMatch21.1.1.1.0

oracle utilities_frameworkRange4.3.0.1.0–4.3.0.6.0

oracle utilities_frameworkMatch4.2.0.3.0

oracle utilities_frameworkMatch4.4.0.0.0

oracle utilities_frameworkMatch4.4.0.2.0

oracle utilities_frameworkMatch4.4.0.3.0

oracle utilities_testing_acceleratorMatch6.0.0.1.1

oracle utilities_testing_acceleratorMatch6.0.0.2.2

oracle utilities_testing_acceleratorMatch6.0.0.3.1

oracle weblogic_serverMatch12.2.1.3.0

oracle weblogic_serverMatch12.2.1.4.0

oracle weblogic_serverMatch14.1.1.0.0

oracle zfs_storage_application_integration_engineering_softwareMatch1.3.3

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/165258/Oracle-Database-Weak-NNE-Integrity-Key-Derivation.html
oracle	www.oracle.com/security-alerts/cpujan2023.html
oracle	www.oracle.com/security-alerts/cpuapr2022.html
oracle	www.oracle.com/security-alerts/cpujul2021.html
seclists	www.seclists.org/fulldisclosure/2021/Dec/20
oracle	www.oracle.com/security-alerts/cpujan2022.html
oracle	www.oracle.com/security-alerts/cpuoct2021.html
packetstormsecurity	www.packetstormsecurity.com/files/165255/Oracle-Database-Protection-Mechanism-Bypass.html
oracle	www.oracle.com/security-alerts/cpujul2022.html
seclists	www.seclists.org/fulldisclosure/2021/Dec/19

17 Jun 2026 03:49Current

CVSS 25.1

CVSS 3.17.5 - 8.3

EPSS0.025