CVE-2020-2518

Name of the Vulnerable Software and Affected Versions Oracle Database Server versions 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c

Description The issue is related to a vulnerability in the Java VM component, which can be exploited by a low-privileged attacker with Create Session privilege and network access via multiple protocols. This can lead to the compromise of the Java VM, resulting in a potential takeover. The vulnerability is difficult to exploit and can be used by an attacker to gain control over the application remotely using network protocols.

Recommendations For versions 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.