Data Store Vulnerability in Oracle Berkeley DB
CVE-2017-3609

7HIGH

Key Information:

Vendor: Oracle
Status: Oracle Berkeley Db
Vendor: CVE Published:; 24 April 2017

Summary

A security flaw in the Data Store component of Oracle Berkeley DB, specifically affecting all versions prior to 6.2.32, allows an unauthenticated attacker with access to the infrastructure where the Data Store operates to exploit the vulnerability. Successful exploitation requires human interaction from an individual other than the attacker, leading to a potential compromise of the Data Store. This vulnerability emphasizes the importance of proper security measures and access controls within environments utilizing Oracle Berkeley DB.

Affected Version(s)

Oracle Berkeley DB < 6.2.32

References

http://www.securityfocus.com/bid/97857

vdb-entryx_refsource_BID

http://www.oracle.com/technetwork/security-advisory/cpuap...

x_refsource_CONFIRM

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 24, 2017
Vulnerability Reserved
Dec 6, 2016