Data Store Vulnerability in Oracle Berkeley DB Affects Multiple Versions
CVE-2017-3610

7HIGH

Key Information:

Vendor: Oracle
Status: Oracle Berkeley Db
Vendor: CVE Published:; 24 April 2017

Summary

The Data Store component of Oracle Berkeley DB is susceptible to vulnerabilities that can allow an unauthenticated attacker, who has access to the infrastructure where the Data Store is operational, to potentially take control of the Data Store. The attack requires human interaction from a third party. This weakness is present in versions prior to 6.2.32, indicating that timely updates and patching are necessary to safeguard against potential exploitation. Organizations using affected versions must prioritize security measures to bolster their defenses.

Affected Version(s)

Oracle Berkeley DB < 6.2.32

References

http://www.oracle.com/technetwork/security-advisory/cpuap...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/97858

vdb-entryx_refsource_BID

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 24, 2017
Vulnerability Reserved
Dec 6, 2016