CVE-2019-2516

Name of the Vulnerable Software and Affected Versions Oracle Database Server versions 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c

Description The issue is related to a vulnerability in the Portable Clusterware component of Oracle Database Server, allowing a high-privileged attacker with Grid Infrastructure User privilege to compromise Portable Clusterware. This can result in the takeover of Portable Clusterware and may significantly impact additional products. The vulnerability can be easily exploited by an attacker with logon access to the infrastructure where Portable Clusterware executes.

Recommendations For versions 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c, at the moment, there is no information about a newer version that contains a fix for this vulnerability.