How severe is CVE-2018-2939?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.4 out of 10.

What type of vulnerability is CVE-2018-2939?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2018-2939 - HIGH Severity | CVSS 8.4

Vulnerability Description

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18.1 and 18.2. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Core RDBMS executes to compromise Core RDBMS. While the vulnerability is in Core RDBMS, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Core RDBMS accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Core RDBMS. CVSS 3.0 Base Score 8.4 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H).

Related Vulnerabilities

CVE-2004-2339

HIGH

CVSS:8.4(High)

Microsoft Windows 2000, XP, and possibly 2003 allows local users with the SeDebugPrivilege privilege to execute arbitrary code as kernel and read or write kernel memory via the NtSystemDebugControl fu...

NVD-CWE-Other2004

CVE-2005-1831

HIGH

CVSS:8.4(High)

Sudo 1.6.8p7 on SuSE Linux 9.3, and possibly other Linux distributions, allows local users to gain privileges by using sudo to call su, then entering a blank password and hitting CTRL-C. NOTE: SuSE an...

NVD-CWE-Other2005

CVE-2006-1078

HIGH

CVSS:8.4(High)

Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, and possibly other products such as Apache, might allow local users to gain privileges via (1) a long command line argument and (2)...

NVD-CWE-Other2006

CVE-2016-4364

HIGH

CVSS:8.4(High)

HPE Insight Control server deployment allows local users to gain privileges via unspecified vectors.

NVD-CWE-Other2016

CVE-2017-10398

HIGH

CVSS:8.4(High)

Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: BaseMasterPage). The supported version that is affected is 9.0.2.0. Easily e...

NVD-CWE-Other2017

CVE-2017-2583

HIGH

CVSS:8.4(High)

The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a "MOV SS, NULL selector" instruction, which allows guest OS users to cause a ...

NVD-CWE-Other2017