Oracle Database Server JDBC Component Vulnerability Allowing Unauthorized Data Access

Vulnerability

A vulnerability has been identified in the JDBC component of Oracle Database Server, affecting versions 23.4 through 23.8. The vulnerability is difficult to exploit. It allows a low-privileged attacker who has Authenticated OS User rights and access to the infrastructure where JDBC runs to compromise JDBC. Successful exploitation requires human interaction from someone other than the attacker. While the vulnerability resides in JDBC, its effects could extend to other products, leading to a change in scope. Exploitation of this vulnerability could result in unauthorized access to critical data or complete access to all data accessible through JDBC.

Impact

Exploitation of this vulnerability could lead to unauthorized access to critical data or full access to all data available through JDBC.

Added: Jul 15, 2025, 10:25 PM
Updated: Jul 15, 2025, 10:25 PM

Vulnerability Rating

Custom Algorithm

spread: 7.3
impact: 2.5
exploitability: 3.8
remediation: 0.0
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.