Vulnerability in the RDBMS DataPump component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Difficult to exploit vulnerability allows high privileged attacker having DBA role privilege with network access via Oracle Net to compromise RDBMS DataPump. Successful attacks of this vulnerability can result in takeover of RDBMS DataPump. CVSS 3.0 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: oracle
Published: 2019-04-23T18:16:39
Updated: 2024-08-04T18:56:43.987Z
Reserved: 2018-12-14T00:00:00
Link: CVE-2019-2571
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-04-23T19:32:48.833
Modified: 2020-08-24T17:37:01.140
Link: CVE-2019-2571
Redhat
No data.