Vulnerability Details CVE-2023-22073
Vulnerability in the Oracle Notification Server component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the hardware where the Oracle Notification Server executes to compromise Oracle Notification Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Notification Server accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.3%
CVSS Severity
CVSS v3 Score 4.3
References
Products affected by CVE-2023-22073
-
cpe:2.3:a:oracle:database_server:19.20
-
cpe:2.3:a:oracle:database_server:19.3
-
cpe:2.3:a:oracle:database_server:21.11
-
cpe:2.3:a:oracle:database_server:21.3