Description

Vulnerability in the Unified Audit component of Oracle Database Server. Supported versions that are affected are 19.3-19.19 and 21.3-21.10. Easily exploitable vulnerability allows high privileged attacker having SYSDBA privilege with network access via Oracle Net to compromise Unified Audit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Unified Audit accessible data. CVSS 3.1 Base Score 4.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N).

Remediation

References

CVE-2023-22034

Related Vulnerabilities

WordPress Plugin CM Download Manager Cross-Site Scripting (2.7.0)

WordPress Plugin Billplz for WooCommerce Unspecified Vulnerability (3.10)

WordPress Plugin LearnDash LMS Insecure Direct Object Reference (4.6.0)

MySQL CVE-2015-4766 Vulnerability (CVE-2015-4766)

WordPress Plugin WP-Matomo (WP-Piwik) Cross-Site Scripting (1.0.4)

Severity

Medium

Classification

CVE-2023-22034 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities