Vulnerability in Oracle Berkeley DB Data Store Component
CVE-2019-2870

7HIGH

Key Information:

Vendor: Oracle
Status: Oracle Berkeley Db
Vendor: CVE Published:; 23 July 2019

Summary

This security flaw in the Data Store component of Oracle Berkeley DB permits an unauthenticated attacker with access to the execution infrastructure to exploit the vulnerability. Successful exploitation requires interaction from someone other than the attacker, making it challenging to execute. When successfully attacked, the Data Store can be compromised, leading to significant impacts on the confidentiality, integrity, and availability of the stored data, hence underscoring the importance of timely patching and mitigation.

Affected Version(s)

Oracle Berkeley DB 12.1.6.1.23

Oracle Berkeley DB 12.1.6.1.26

Oracle Berkeley DB 12.1.6.1.29

References

http://www.oracle.com/technetwork/security-advisory/cpuju...

x_refsource_MISC

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 23, 2019
Vulnerability Reserved
Dec 14, 2018