Oracle Database Server Vulnerability in Oracle Text Component
CVE-2019-2753

4.6MEDIUM

Key Information:

Vendor: Oracle
Status: Text
Vendor: CVE Published:; 23 July 2019

Summary

A vulnerability exists in the Oracle Text component of Oracle Database Server that allows a low-privileged attacker with network access and Create Session privileges to compromise Oracle Text. Exploitation of this vulnerability requires human interaction from a third party. Successful exploitation can lead to unauthorized read access to certain Oracle Text data and may facilitate partial denial of service. This vulnerability is significant as it impacts the confidentiality and availability of sensitive data managed within the affected database versions.

Affected Version(s)

Text 11.2.0.4

Text 12.1.0.2

Text 12.2.0.1

References

http://www.oracle.com/technetwork/security-advisory/cpuju...

x_refsource_MISC

CVSS V3.1

Score:

4.6

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 23, 2019
Vulnerability Reserved
Dec 14, 2018