How severe is CVE-2023-21918?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.8 out of 10.

What type of vulnerability is CVE-2023-21918?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2023-21918

MEDIUM Year: 2023

CVSS v3 Score

6.8

Medium

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

Vulnerability in the Oracle Database Recovery Manager component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having Local SYSDBA privilege with network access via Oracle Net to compromise Oracle Database Recovery Manager. While the vulnerability is in Oracle Database Recovery Manager, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Database Recovery Manager. CVSS 3.1 Base Score 6.8 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).

CVE-2012-1695

MEDIUM

CVSS:6.8(Medium)

Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware 28.2.2 and earlier, and JDK/JRE 5 and 6 27.7.1 and earlier, allows remote attackers to affect confidentiality, int...

NVD-CWE-Other2012

CVE-2015-8262

MEDIUM

CVSS:6.8(Medium)

Buffalo WZR-600DHP2 devices with firmware 2.09, 2.13, and 2.16 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof re...

NVD-CWE-Other2015

CVE-2015-8816

MEDIUM

CVSS:6.8(Medium)

The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a d...

NVD-CWE-Other2015

CVE-2016-1285

MEDIUM

CVSS:6.8(Medium)

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (...

NVD-CWE-Other2016

CVE-2016-5304

MEDIUM

CVSS:6.8(Medium)

Open redirect vulnerability in a report-routing component in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to redirect users to arbitrary web sites ...

NVD-CWE-Other2016

CVE-2016-8318

MEDIUM

CVSS:6.8(Medium)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exp...

NVD-CWE-Other2016

CVE-2023-21918

Vulnerability Description

Related Vulnerabilities

CVE-2012-1695

CVE-2015-8262

CVE-2015-8816

CVE-2016-1285

CVE-2016-5304

CVE-2016-8318