{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T19:32:50.016","vulnerabilities":[{"cve":{"id":"CVE-2021-35557","sourceIdentifier":"secalert_us@oracle.com","published":"2021-10-20T11:16:34.127","lastModified":"2024-11-21T06:12:30.683","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Table privilege with network access via Oracle Net to compromise Core RDBMS. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Core RDBMS. CVSS 3.1 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)."},{"lang":"es","value":"Una vulnerabilidad en el componente Core RDBMS de Oracle Database Server. Las versiones compatibles que están afectadas son 12.1.0.2, 12.2.0.1, 19c y 21c. Una vulnerabilidad explotable fácilmente permite a un atacante poco privilegiado y con acceso a la red por medio de Oracle Net, comprometer el Core RDBMS. Los ataques con éxito de esta vulnerabilidad pueden resultar en una capacidad no autorizada de causar una negación parcial de servicio (DOS parcial) de Core RDBMS. CVSS 3.1 Puntuación Base 4.3 (impactos en la Disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)"}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:N/A:P","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:database:12.1.0.2:*:*:*:*:*:*:*","matchCriteriaId":"1F3C58EE-B36B-4081-A307-0FE9B52D8E62"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:database:12.2.0.1:*:*:*:*:*:*:*","matchCriteriaId":"E221FD4B-190F-4752-9617-FB0C704E7AFD"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:database:19c:*:*:*:*:*:*:*","matchCriteriaId":"3B7038B7-BBBB-4C8A-9479-204E11669A63"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:database:21c:*:*:*:*:*:*:*","matchCriteriaId":"2BD30EF6-606E-416A-B758-43CD75437A3B"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cpuoct2021.html","source":"secalert_us@oracle.com","tags":["Patch","Vendor Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpuoct2021.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}