Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-0870Oracle Database Server vulnerability

4 documents4 sources
Severity
3.6LOWNVD
EPSS
47.7%
top 2.29%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Oracle Database Server
Timeline
PublishedApr 13
Latest updateMay 2

Description

Unspecified vulnerability in the Change Data Capture component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMS_CDC_PUBLISH.

CVSS vector

AV:N/AC:H/C:P/I:P/A:NExploitability: 3.9 | Impact: 4.9

Affected Packages1 packages

NVDoracle/database_server9.2.0.8, 9.2.0.8dv+1

🔴Vulnerability Details

2
GHSA
GHSA-24wp-2mp6-6g43: Unspecified vulnerability in the Change Data Capture component in Oracle Database 92022-05-02
CVEList
CVE-2010-0870: Unspecified vulnerability in the Change Data Capture component in Oracle Database 92010-04-13

💥Exploits & PoCs

1
Metasploit
Oracle DB SQL Injection via SYS.DBMS_CDC_PUBLISH.DROP_CHANGE_SOURCE
CVE-2010-0870 — Oracle Database Server vulnerability | cvebase