CVE-2024-21233

Summary

CVE-2024-21233 is a vulnerability in the Oracle Database Core component affecting versions 19.3-19.24, 21.3-21.15, and 23.4-23.5 of the Oracle Database Server. This vulnerability allows low privileged attackers with Create Session privileges and network access via Oracle Net to compromise the database, potentially leading to unauthorized updates, inserts, or deletions of accessible data. The CVSS 3.1 Base Score for this vulnerability is 4.3, indicating a medium severity level with low integrity impact and no confidentiality impact. Organizations are advised to remediate this issue by applying relevant patches provided by Oracle as outlined in their security alerts. The exploitability score is assessed at 2.8, suggesting that while the risk exists, it may require specific conditions to be successfully exploited.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.