CVE-2021-2000

CWE-345CWE-400Uncontrolled Resource Consumption17 documents8 sources
Severity
2.4LOW
EPSS
0.2%
top 55.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Corporation Database - Enterprise EditionOracle Database Server
Timeline
PublishedJan 20
Latest updateOct 28

Description

Vulnerability in the Unified Audit component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having SYS Account privilege with network access via Oracle Net to compromise Unified Audit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of U

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:NExploitability: 0.9 | Impact: 1.4

Affected Packages2 packages

NVDoracle/database_server4 versions+3

🔴Vulnerability Details

4
GHSA
GHSA-p6hg-pmvw-h64j: Vulnerability in the Unified Audit component of Oracle Database Server2022-05-24
Kernel
Merge tag 'xfs-5.17-merge-5' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux2022-01-21
GHSA
ReDoS in Sec-Websocket-Protocol header2021-05-28
CVEList
CVE-2021-2000: Vulnerability in the Unified Audit component of Oracle Database Server2021-01-20

💥Exploits & PoCs

1
Exploit-DB
Amica Prodigy 1.7 - Privilege Escalation2021-08-10

📋Vendor Advisories

11
Chrome
Stable Channel Update for Desktop: CVE-2025-124352025-10-28
Chrome
Stable Channel Update for Desktop: CVE-2023-12312023-03-07
Chrome
Stable Channel Update for Desktop: CVE-2022-18562022-05-24
Chrome
Stable Channel Update for Desktop: CVE-2022-11362022-03-29
Chrome
Stable Channel Update for Desktop: CVE-2022-08032022-03-01
CVE-2021-2000 (LOW CVSS 2.4) | Vulnerability in the Unified Audit | cvebase.io