Unauthenticated Network Vulnerability in Advanced Networking Option of Oracle Database Server
CVE-2021-2018

8.3HIGH

Key Information:

Vendor: Oracle
Status: Advanced Networking Option
Vendor: CVE Published:; 20 January 2021

What is CVE-2021-2018?

A vulnerability exists in the Advanced Networking Option component of Oracle Database Server, affecting versions 18c and 19c. This vulnerability permits an unauthenticated attacker with network access via Oracle Net to potentially compromise the Advanced Networking Option. While the exploitation requires human interaction from a third party, the risks extend beyond this component, posing significant threats to additional products. This vulnerability specifically impacts the Windows platform, highlighting the necessity for prompt security measures to mitigate potential takeover risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Advanced Networking Option 18c

Advanced Networking Option 19c

References

https://www.oracle.com/security-alerts/cpujan2021.html

x_refsource_MISC

CVSS V3.1

Score:

8.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jan 20, 2021
Vulnerability Reserved
Dec 9, 2020

JSON

Oracle

What is CVE-2021-2018?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.