CVE-2021-2234

Name of the Vulnerable Software and Affected Versions Oracle Database Server versions 12.1.0.2, 12.2.0.1, 18c and 19c

Description The issue is related to a vulnerability in the Java VM component, which can be exploited by a low-privileged attacker with Create Session privilege and network access via Oracle Net. This can lead to unauthorized creation, deletion, or modification access to critical data or all Java VM accessible data. The vulnerability is difficult to exploit and is related to insufficient access restrictions.

Recommendations For versions 12.1.0.2, 12.2.0.1, 18c, and 19c, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.