Data Store Vulnerability in Oracle Berkeley DB
CVE-2019-2868

7HIGH

Key Information:

Vendor: Oracle
Status: Oracle Berkeley Db
Vendor: CVE Published:; 23 July 2019

Summary

The vulnerability in the Data Store component of Oracle Berkeley DB allows unauthenticated attackers who have access to the infrastructure where the Data Store operates to compromise its functionality. Although difficult to exploit without human interaction from another user, successful exploitations can lead to a complete takeover of the Data Store, risking confidentiality, integrity, and availability of the stored data. Organizations using affected versions need to take precautions to safeguard their systems.

Affected Version(s)

Oracle Berkeley DB 12.1.6.1.23

Oracle Berkeley DB 12.1.6.1.26

Oracle Berkeley DB 12.1.6.1.29

References

http://www.oracle.com/technetwork/security-advisory/cpuju...

x_refsource_MISC

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 23, 2019
Vulnerability Reserved
Dec 14, 2018