Oracle Database Server Vulnerability in Oracle Text Component
CVE-2021-2045

3.1LOW

Key Information:

Vendor: Oracle
Status: Text
Vendor: CVE Published:; 20 January 2021

Summary

A security issue exists in the Oracle Text component of Oracle Database Server, which could allow an attacker with low privileges and network access to compromise the functionality of Oracle Text. The vulnerability could lead to a partial denial of service, impacting the availability of this component. Supported versions vulnerable to this issue include Oracle Database Server versions 12.1.0.2, 12.2.0.1, 18c, and 19c.

Affected Version(s)

Text 12.1.0.2

Text 12.2.0.1

Text 18c

References

https://www.oracle.com/security-alerts/cpujan2021.html

x_refsource_MISC

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 20, 2021
Vulnerability Reserved
Dec 9, 2020