Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2020-2517

Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, and 19c. Difficult to exploit vulnerability allows high privileged attacker having Create Procedure, Create Database Link privilege with network access via OracleNet to compromise Database Gateway for ODBC. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Database Gateway for ODBC accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Database Gateway for ODBC. CVSS 3.0 Base Score 3.3 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L).

  • Published: Jan 15, 2020
  • Updated: Apr 14, 2023
  • CVE: CVE-2020-2517
  • Severity: Low
  • Exploit:

CVSS v3:

  • Severity: Low
  • Score: 3.3
  • AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L

CVSS v2:

  • Severity: Low
  • Score: 4.9
  • AV:N/AC:M/Au:S/C:N/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
oracle / database_server 12.1.0.2 12.1.0.2.x
oracle / database_server 11.2.0.4 11.2.0.4.x
oracle / database_server 12.2.0.1 12.2.0.1.x
oracle / database_server 18c 18c.x
oracle / database_server 19c 19c.x