Local Privilege Escalation in Oracle Database - Enterprise Edition Sharding
CVE-2022-21510

8.8HIGH

Key Information:

Vendor: Oracle
Status: Database - Enterprise Edition
Vendor: CVE Published:; 19 July 2022

What is CVE-2022-21510?

A vulnerability exists in the Sharding component of Oracle Database - Enterprise Edition, which could be exploited by an attacker with low privileges who has local login access to the infrastructure where the database is executed. This flaw allows exploitation, potentially leading to the compromise of Sharding functionality. While the direct impact is on Oracle Database - Enterprise Edition Sharding, successful attacks may have broader implications for other interconnected Oracle systems.

Affected Version(s)

Database - Enterprise Edition None

References

https://www.oracle.com/security-alerts/cpujul2022.html

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 19, 2022
Vulnerability Reserved
Nov 15, 2021