{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T20:38:39.454","vulnerabilities":[{"cve":{"id":"CVE-2024-21242","sourceIdentifier":"secalert_us@oracle.com","published":"2024-10-15T20:15:13.730","lastModified":"2024-10-21T16:17:57.040","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the XML Database component of Oracle Database Server.  Supported versions that are affected are 19.3-19.24, 21.3-21.15 and  23.4-23.5. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via HTTP to compromise XML Database.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of XML Database. CVSS 3.1 Base Score 3.5 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L)."},{"lang":"es","value":"Vulnerabilidad en el componente XML Database de Oracle Database Server. Las versiones compatibles afectadas son 19.3-19.24, 21.3-21.15 y 23.4-23.5. Esta vulnerabilidad, que se puede explotar fácilmente, permite que un atacante con privilegios reducidos y privilegios de creación de sesión con acceso a la red a través de HTTP comprometa XML Database. Los ataques exitosos requieren la interacción humana de una persona distinta del atacante. Los ataques exitosos de esta vulnerabilidad pueden dar como resultado la capacidad no autorizada de provocar una denegación de servicio parcial (DOS parcial) de XML Database. Puntuación base de CVSS 3.1: 3,5 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L)."}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L","baseScore":3.5,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.1,"impactScore":1.4}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:xml_database:*:*:*:*:*:*:*:*","versionStartExcluding":"19.3","versionEndIncluding":"19.24","matchCriteriaId":"4C0CCB33-06E6-4FC9-9569-F49471A2A3A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:xml_database:*:*:*:*:*:*:*:*","versionStartExcluding":"21.3","versionEndIncluding":"21.15","matchCriteriaId":"7955AD5E-EE3E-4C09-BBF4-4B647CA46B14"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:xml_database:23.4:*:*:*:*:*:*:*","matchCriteriaId":"A4833CB3-997B-48A2-9277-D8DE452FE626"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:xml_database:23.5:*:*:*:*:*:*:*","matchCriteriaId":"C8394166-1DE0-4EC5-B2E9-EB0EBB153D2D"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cpuoct2024.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}}]}