How severe is CVE-2021-2257?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.1 out of 10.

What type of vulnerability is CVE-2021-2257?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2021-2257

MEDIUM Year: 2021

CVSS v3 Score

4.1

Medium

CVSS v2 Score

4.0

Medium

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

Vulnerability in the Oracle Storage Cloud Software Appliance product of Oracle Storage Gateway (component: Management Console). The supported version that is affected is Prior to 16.3.1.4.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Storage Cloud Software Appliance. While the vulnerability is in Oracle Storage Cloud Software Appliance, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Storage Cloud Software Appliance accessible data. Note: Updating the Oracle Storage Cloud Software Appliance to version 16.3.1.4.2 or later will address these vulnerabilities. Download the latest version of Oracle Storage Cloud Software Appliance from <a href=" https://www.oracle.com/downloads/cloud/oscsa-downloads.html">here. Refer to Document <a href="https://support.oracle.com/rstype=doc&id=2768897.1">2768897.1 for more details. CVSS 3.1 Base Score 4.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N).

CVE-2016-0668

MEDIUM

CVSS:4.1(Medium)

Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors re...

NVD-CWE-Other2016

CVE-2016-5463

MEDIUM

CVSS:4.1(Medium)

Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect integrity via vectors related t...

NVD-CWE-Other2016

CVE-2016-5464

MEDIUM

CVSS:4.1(Medium)

NVD-CWE-Other2016

CVE-2016-5559

MEDIUM

CVSS:4.1(Medium)

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect integrity via vectors related to Kernel.

NVD-CWE-Other2016

CVE-2017-10268

MEDIUM

CVSS:4.1(Medium)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier....

NVD-CWE-Other2017

CVE-2018-2773

MEDIUM

CVSS:4.1(Medium)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult...

NVD-CWE-Other2018

CVE-2021-2257

Vulnerability Description

Related Vulnerabilities

CVE-2016-0668

CVE-2016-5463

CVE-2016-5464

CVE-2016-5559

CVE-2017-10268

CVE-2018-2773