CVE-2024-21184

Name of the Vulnerable Software and Affected Versions Oracle Database versions 19.3 through 19.23

Description The issue is related to errors in privilege management within the Oracle Database RDBMS Security component of Oracle Database Server. It allows a highly privileged attacker with Execute on SYS.XS DIAG privilege and network access via Oracle Net to compromise Oracle Database RDBMS Security. Successful attacks can result in the takeover of Oracle Database RDBMS Security.

Recommendations For versions 19.3 through 19.23, update to a version that includes the fix for this issue to prevent potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.