CVE-2008-3996

3 documents3 sources

Severity

5.5MEDIUM

EPSS

37.8%

top 2.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Database 10G Oracle Database 11I

Timeline

PublishedOct 14

Latest updateMay 2

Description

Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMS_CDC_IPUBLISH.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 8.0 | Impact: 4.9

Affected Packages2 packages

▶NVDoracle/database_10g10.1.0.5, 10.2.0.4+1

▶NVDoracle/database_11i11.1.0.6

🔴Vulnerability Details

GHSA

GHSA-c4xj-289h-xhv9: Unspecified vulnerability in the Change Data Capture component in Oracle Database 10↗2022-05-02

▶

CVEList

CVE-2008-3996: Unspecified vulnerability in the Change Data Capture component in Oracle Database 10↗2008-10-14

▶