Data Store Vulnerability in Oracle Berkeley DB
CVE-2017-3615

7HIGH

Key Information:

Vendor: Oracle
Status: Oracle Berkeley Db
Vendor: CVE Published:; 24 April 2017

What is CVE-2017-3615?

A vulnerability exists in the Data Store component of Oracle Berkeley DB prior to version 6.2.32, allowing an unauthenticated attacker who has access to the infrastructure running the Data Store to potentially compromise it. Exploitation of this vulnerability necessitates human interaction from a third-party individual. Successful exploitation could result in unauthorized control and access to sensitive data managed by the Data Store, affecting confidentiality, integrity, and availability.

Affected Version(s)

Oracle Berkeley DB < 6.2.32

References

http://www.oracle.com/technetwork/security-advisory/cpuap...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/97863

vdb-entryx_refsource_BID

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 24, 2017
Vulnerability Reserved
Dec 6, 2016