Skip to main content

Oracle Products Multiple Vulnerabilities

Last Update Date: 1 Mar 2023 Release Date: 18 Jan 2023 6745 Views

RISK: High Risk

TYPE: Servers - Database Servers

TYPE: Database Servers

Multiple vulnerabilities were identified in Oracle Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, security restriction bypass, sensitive information disclosure and data manipulation on the targeted system.

 

[Updated on 2023-03-01] 

Updated System / Technologies affected.

 

Note:

Proof Of Concept Exploit Code is Publicly Available for CVE-2023-21839, affecting WebLogic Server. Risk level has changed from Medium Risk to High Risk.


Impact

  • Denial of Service
  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure
  • Data Manipulation

System / Technologies affected

  • Oracle MySQL
  • Java SE
  • Oracle Database Server
  • WebLogic Server
  • VirtualBox

 

For other Oracle products, please refer to the link below:

https://www.oracle.com/security-alerts/cpujan2023.html


Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

https://www.oracle.com/security-alerts/cpujan2023.html


Vulnerability Identifier


Source


Related Link