
Rewterz Threat Advisory – Multiple Oracle Database Server Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2023-22071 CVSS:5.9

An unspecified vulnerability in Oracle Database Server related to the PL/SQL component could allow a remote authenticated attacker to cause low confidentiality impact, low integrity impact, and low availability impact.

CVE-2023-22073 CVSS:4.3

An unspecified vulnerability in Oracle Database Server related to the Oracle Notification Server component could allow a remote attacker from within the local network to cause low confidentiality impact, no integrity impact, and no availability impact.

CVE-2023-22074 CVSS:2.4

An unspecified vulnerability in Oracle Database Server related to the Oracle Database Sharding component could allow a remote authenticated attacker to cause no confidentiality impact, no integrity impact, and low availability impact.

CVE-2023-22075 CVSS:2.4

An unspecified vulnerability in Oracle Database Server related to the Oracle Database Sharding component could allow a remote authenticated attacker to cause no confidentiality impact, no integrity impact, and low availability impact.

CVE-2023-22077 CVSS:4.9

An unspecified vulnerability in Oracle Database Server related to the Oracle Database Recovery Manager component could allow a remote authenticated attacker to cause no confidentiality impact, no integrity impact, and high availability impact.

CVE-2023-22096 CVSS:4.3

An unspecified vulnerability in Oracle Database Server related to the Java VM component could allow a remote authenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.

Impact

  • Denial of Service
  • Gain Access
  • Information Theft

Indicators Of Compromise

CVE

  • CVE-2023-22071
  • CVE-2023-22073
  • CVE-2023-22074
  • CVE-2023-22075
  • CVE-2023-22077
  • CVE-2023-22096

Affected Vendors

Oracle

Affected Products

  • Oracle Database Server 19.3
  • Oracle Database Server 19.19
  • Oracle Database Server 21.3
  • Oracle Database Server 21.10
  • Oracle Database Server 19.20
  • Oracle Database Server 21.11

Remediation

Refer to the Oracle Critical Patch Update Advisory for patch, upgrade, or suggested workaround information.

Oracle Critical Patch Update Advisory