CVE-2021-1993

Name of the Vulnerable Software and Affected Versions Oracle Database Server versions 12.1.0.2, 12.2.0.1, 18c and 19c

Description The issue is related to the Java VM component and is associated with inadequate access control. It allows a low-privileged attacker with Create Session privilege and network access via Oracle Net to compromise the Java VM. Successful attacks require human interaction from a person other than the attacker and can result in unauthorized creation, deletion, or modification access to critical data or all Java VM accessible data.

Recommendations For versions 12.1.0.2, 12.2.0.1, 18c, and 19c, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.