Rewterz Threat Advisory – Multiple Apache Products Vulnerabilities
October 20, 2023Rewterz Threat Advisory – Multiple Oracle VM VirtualBox and Java SE Vulnerabilities
October 20, 2023Rewterz Threat Advisory – Multiple Apache Products Vulnerabilities
October 20, 2023Rewterz Threat Advisory – Multiple Oracle VM VirtualBox and Java SE Vulnerabilities
October 20, 2023Severity
Medium
Analysis Summary
CVE-2023-22071 CVSS:5.9
An unspecified vulnerability in Oracle Database Server related to the PL/SQL component could allow a remote authenticated attacker to cause low confidentiality impact, low integrity impact, and low availability impact.
CVE-2023-22073 CVSS:4.3
An unspecified vulnerability in Oracle Database Server related to the Oracle Notification Server component could allow a remote attacker from within the local network to cause low confidentiality impact, no integrity impact, and no availability impact.
CVE-2023-22074 CVSS:2.4
An unspecified vulnerability in Oracle Database Server related to the Oracle Database Sharding component could allow a remote authenticated attacker to cause no confidentiality impact, no integrity impact, and low availability impact.
CVE-2023-22075 CVSS:2.4
An unspecified vulnerability in Oracle Database Server related to the Oracle Database Sharding component could allow a remote authenticated attacker to cause no confidentiality impact, no integrity impact, and low availability impact.
CVE-2023-22077 CVSS:4.9
An unspecified vulnerability in Oracle Database Server related to the Oracle Database Recovery Manager component could allow a remote authenticated attacker to cause no confidentiality impact, no integrity impact, and high availability impact.
CVE-2023-22096 CVSS:4.3
An unspecified vulnerability in Oracle Database Server related to the Java VM component could allow a remote authenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.
Impact
- Denial of Service
- Gain Access
- Information Theft
Indicators Of Compromise
CVE
- CVE-2023-22071
- CVE-2023-22073
- CVE-2023-22074
- CVE-2023-22075
- CVE-2023-22077
- CVE-2023-22096
Affected Vendors
Oracle
Affected Products
- Oracle Database Server 19.3
- Oracle Database Server 19.19
- Oracle Database Server 21.3
- Oracle Database Server 21.10
- Oracle Database Server 19.20
- Oracle Database Server 21.11
Remediation
Refer to Oracle Critical Patch Update Advisory for patch, upgrade or suggested workaround information.