PT-2020-1540 · Oracle · Database Gateway For Odbc

Harrison Neal · Published 2020-01-14 · Updated 2022-10-25 · CVE-2020-2512

CVSS v3.1: 5.9 (Medium)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Oracle Database Server versions 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, 19c

Description

The issue is related to inadequate access control in the Oracle Database Gateway for ODBC, which a remote attacker can exploit over the Oracle Net network protocol to cause a denial of service. Successful exploitation gives the attacker the unauthorized ability to cause a hang or a frequently repeatable crash of the Database Gateway for ODBC.

Recommendations

For versions 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, 19c, update to a version that includes the fix for this issue to prevent exploitation. As a temporary workaround, consider restricting access to the Oracle Net protocol to minimize the risk of exploitation. Restrict network access to the Database Gateway for ODBC to reduce the likelihood of a successful attack.

Fix

Improper Access Control

Weakness Enumeration

Related Identifiers

BDU:2020-00533
CVE-2020-2512

Affected Products

Database Gateway For Odbc
Oracle Database
Oracle Database Server
Oracle Odbc Database Gateway
Oracle Net