CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-20924

Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Difficult to exploit vulnerability allows high privileged attacker with network access via Oracle Net to compromise Oracle Audit Vault and Database Firewall. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Audit Vault and Database Firewall, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle Audit Vault and Database Firewall. CVSS 3.1 Base Score 7.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 69.1%

CVSS Severity

CVSS v3 Score 7.6

References

Products affected by CVE-2024-20924

Oracle » Audit Vault And Database Firewall » Version: 20.1

cpe:2.3:a:oracle:audit_vault_and_database_firewall:20.1
Oracle » Audit Vault And Database Firewall » Version: 20.9

cpe:2.3:a:oracle:audit_vault_and_database_firewall:20.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-20924

Products

Pricing

Contact Us