Oracle Xml Database
By the Year
In 2021 there have been 2 vulnerabilities in Oracle Xml Database with an average score of 6.1 out of ten. Xml Database did not have any published security vulnerabilities last year. That is, 2 more vulnerabilities have already been reported in 2021 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2021 | 2 | 6.05 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Xml Database vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Oracle Xml Database Security Vulnerabilities
Vulnerability in the Oracle XML DB component of Oracle Database Server
CVE-2021-2333
4.9 - Medium
- July 21, 2021
Vulnerability in the Oracle XML DB component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows high privileged attacker having Alter User privilege with network access via Oracle Net to compromise Oracle XML DB. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle XML DB accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).
Vulnerability in the Oracle XML DB component of Oracle Database Server
CVE-2021-2329
7.2 - High
- July 21, 2021
Vulnerability in the Oracle XML DB component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Any Procedure, Create Public Synonym privilege with network access via Oracle Net to compromise Oracle XML DB. Successful attacks of this vulnerability can result in takeover of Oracle XML DB. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Oracle Xml Database or by Oracle? Click the Watch button to subscribe.
