Vulnerability in Oracle Berkeley DB Data Store Component
CVE-2017-3611

7HIGH

Key Information:

Vendor: Oracle
Status: Oracle Berkeley Db
Vendor: CVE Published:; 24 April 2017

Summary

The vulnerability within the Data Store component of Oracle Berkeley DB allows an unauthenticated attacker, who has access to the infrastructure where Data Store runs, to compromise the system. Although exploitation is difficult, it requires human interaction from another user, which increases the complexity of successful attacks. If exploited, this vulnerability can lead to a full takeover of the Data Store, impacting confidentiality, integrity, and availability of the data.

Affected Version(s)

Oracle Berkeley DB < 6.2.32

References

http://www.oracle.com/technetwork/security-advisory/cpuap...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/97859

vdb-entryx_refsource_BID

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 24, 2017
Vulnerability Reserved
Dec 6, 2016