CVE-2021-2045

4 documents4 sources
Severity
3.1LOW
EPSS
0.4%
top 37.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Corporation TextOracle Text
Timeline
PublishedJan 20
Latest updateMay 24

Description

Vulnerability in the Oracle Text component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Oracle Text. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Text. CVSS 3.1 Base Score 3.1 (Availability impacts). CVSS

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:LExploitability: 1.6 | Impact: 1.4

Affected Packages2 packages

NVDoracle/text4 versions+3
CVEListV5oracle_corporation/text4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-2w4h-pg4c-ww4f: Vulnerability in the Oracle Text component of Oracle Database Server2022-05-24
CVEList
CVE-2021-2045: Vulnerability in the Oracle Text component of Oracle Database Server2021-01-20

📋Vendor Advisories

1
Oracle
Oracle Oracle Database Server Risk Matrix: Oracle Text — CVE-2021-20452021-01-15
CVE-2021-2045 (LOW CVSS 3.1) | Vulnerability in the Oracle Text co | cvebase.io