How severe is CVE-2024-20910?

This vulnerability has a severity rating of LOW with a CVSS score of 3 out of 10.

What type of vulnerability is CVE-2024-20910?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2024-20910 - LOW Severity | CVSS 3

Vulnerability Description

Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Difficult to exploit vulnerability allows high privileged attacker with network access via Oracle Net to compromise Oracle Audit Vault and Database Firewall. While the vulnerability is in Oracle Audit Vault and Database Firewall, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Audit Vault and Database Firewall accessible data. CVSS 3.1 Base Score 3.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N).

Related Vulnerabilities

CVE-2016-3490

LOW

CVSS:3.0(Low)

Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.4.0, and 6.4.1 allows remote...

NVD-CWE-Other2016

CVE-2020-14818

LOW

CVSS:3.0(Low)

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged attacker with...

NVD-CWE-Other2020

CVE-2022-22460

LOW

CVSS:3.0(Low)

IBM Security Verify Identity Manager 10.0 contains sensitive information in the source code repository that could be used in further attacks against the system. IBM X-Force ID: 225013.

NVD-CWE-Other2022

CVE-2024-21257

LOW

CVSS:3.0(Low)

Vulnerability in the Oracle Hyperion BI+ product of Oracle Hyperion (component: UI and Visualization). The supported version that is affected is 11.2.18.0.000. Easily exploitable vulnerability allows ...

NVD-CWE-Other2024

CVE-2025-31363

LOW

CVSS:3.0(Low)

Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.9 fail to restrict domains the LLM can request to contact upstream which allows an authenticated user to exfiltrate data from an ...

NVD-CWE-Other2025

CVE-2016-3426

LOW

CVSS:3.1(Low)

Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality via vectors related to JCE.

NVD-CWE-Other2016