Vulnerability in Data Store Component of Oracle Berkeley DB
CVE-2020-2981

7HIGH

Key Information:

Vendor: Oracle
Status: Oracle Berkeley Db
Vendor: CVE Published:; 15 July 2020

Summary

A vulnerability exists in the Data Store component of Oracle Berkeley DB, which affects versions prior to 18.1.40. This vulnerability can be exploited by an unauthenticated attacker who has access to the infrastructure where the Data Store operates. Exploitation requires human interaction from an individual other than the attacker, potentially leading to a compromise of the Data Store. If successfully exploited, the attacker could gain control over the Data Store, posing risks to the confidentiality, integrity, and availability of the involved data.

Affected Version(s)

Oracle Berkeley DB < 18.1.40

References

https://www.oracle.com/security-alerts/cpujul2020.html

x_refsource_MISC

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 15, 2020
Vulnerability Reserved
Dec 10, 2019