Description
Vulnerability in the Oracle Notification Server component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the hardware where the Oracle Notification Server executes to compromise Oracle Notification Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Notification Server accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
Remediation
References
Related Vulnerabilities
Roundcube Improper Privilege Management Vulnerability (CVE-2017-8114)
WordPress Plugin Active Directory Authentication Integration Cross-Site Scripting (0.6)
WordPress Plugin WooCommerce-Store Exporter Multiple Cross-Site Scripting Vulnerabilities (1.7.5)
WordPress Plugin WP Coder-add custom html, css and js code SQL Injection (2.5.3)
WordPress Plugin Mingle Forum Multiple Vulnerabilities (1.0.33.3)