Vulnerability in Oracle SQL Developer (component:...
Moderate severity
Unreviewed
Published
Apr 18, 2023
to the GitHub Advisory Database
•
Updated Sep 16, 2024
Description
Published by the National Vulnerability Database
Apr 18, 2023
Published to the GitHub Advisory Database
Apr 18, 2023
Last updated
Sep 16, 2024
Vulnerability in Oracle SQL Developer (component: Installation). Supported versions that are affected are Prior to 23.1.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle SQL Developer executes to compromise Oracle SQL Developer. Successful attacks of this vulnerability can result in takeover of Oracle SQL Developer. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
References