{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-12T21:15:31.575","vulnerabilities":[{"cve":{"id":"CVE-2022-21551","sourceIdentifier":"secalert_us@oracle.com","published":"2022-07-19T22:15:12.257","lastModified":"2024-11-21T06:44:56.400","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in Oracle GoldenGate (component: Oracle GoldenGate). The supported version that is affected is 21c: prior to 21.7.0.0.0; 19c: prior to 19.1.0.0.220719. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle GoldenGate. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle GoldenGate. CVSS 3.1 Base Score 6.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H)."},{"lang":"es","value":"Una vulnerabilidad en Oracle GoldenGate (componente: Oracle GoldenGate). La versión compatible que está afectada es 21c: versiones anteriores a 21.7.0.0.0; 19c: versiones anteriores a 19.1.0.0.220719. Una vulnerabilidad explotable fácilmente permite a un atacante muy privilegiado con acceso a la red por medio de HTTP comprometer a Oracle GoldenGate. Los ataques con éxito requieren una interacción humana de una persona diferente del atacante. Los ataques con éxito de esta vulnerabilidad pueden resultar en la toma de control de Oracle GoldenGate. CVSS 3.1, Puntuación Base 6.8 (impactos en la Confidencialidad, Integridad y Disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H)."}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*","versionStartIncluding":"19.1.0.0.0","versionEndExcluding":"19.1.0.0.220719","matchCriteriaId":"512A148C-C870-4ABD-9812-C6EB792E8829"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*","versionStartIncluding":"21.1.0","versionEndExcluding":"21.7.0.0.0","matchCriteriaId":"435977A2-35CE-4B79-A0EC-3C2AC7CB3AF8"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cpujul2022.html","source":"secalert_us@oracle.com","tags":["Patch","Vendor Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpujul2022.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}