CVE-2008-1815

3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.5%
top 36.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Database 10GOracle Database 11G
Timeline
PublishedApr 16
Latest updateMay 1

Description

Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to DBMS_CDC_UTILITY, aka DB02. NOTE: the previous information was obtained from the April 2008 CPU. Oracle has not commented on reliable researcher claims that DB02 is for SQL injection in LOCK_CHANGE_SET.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 8.0 | Impact: 4.9

Affected Packages2 packages

NVDoracle/database_10g10.1.0.5, 10.2.0.3+1
NVDoracle/database_11g11.1.0.6

🔴Vulnerability Details

2
GHSA
GHSA-5jcx-hp3j-qqqm: Unspecified vulnerability in the Change Data Capture component in Oracle Database 102022-05-01
CVEList
CVE-2008-1815: Unspecified vulnerability in the Change Data Capture component in Oracle Database 102008-04-16
CVE-2008-1815 (MEDIUM CVSS 5.5) | Unspecified vulnerability in the Ch | cvebase.io