Vulnerability in Data Store Component of Oracle Berkeley DB
CVE-2019-2760

7HIGH

Key Information:

Vendor: Oracle
Status: Oracle Berkeley Db
Vendor: CVE Published:; 23 July 2019

What is CVE-2019-2760?

A vulnerability exists within the Data Store component of Oracle Berkeley DB, allowing unauthorized access to the system by an unauthenticated attacker. This flaw can be exploited if the attacker can gain access to the infrastructure where Data Store operates, and it requires human interaction from a third party to trigger a successful attack. If exploited, this vulnerability could enable an attacker to take complete control over the Data Store, posing significant risks to data confidentiality, integrity, and availability.

Affected Version(s)

Oracle Berkeley DB 12.1.6.1.23

Oracle Berkeley DB 12.1.6.1.26

Oracle Berkeley DB 12.1.6.1.29

References

http://www.oracle.com/technetwork/security-advisory/cpuju...

x_refsource_MISC

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 23, 2019
Vulnerability Reserved
Dec 14, 2018