How severe is CVE-2024-21184?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.2 out of 10.

What type of vulnerability is CVE-2024-21184?

This is classified as CWE-250, which is a common weakness in software security.

CVE-2024-21184 - HIGH Severity | CVSS 7.2

Vulnerability Description

Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Supported versions that are affected are 19.3-19.23. Easily exploitable vulnerability allows high privileged attacker having Execute on SYS.XS_DIAG privilege with network access via Oracle Net to compromise Oracle Database RDBMS Security. Successful attacks of this vulnerability can result in takeover of Oracle Database RDBMS Security. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

Related Vulnerabilities

CVE-2019-16767

HIGH

CVSS:7.2(High)

The admin sys mode is now conditional and dedicated for the special case. By default, since [email protected] no instance (container) is launched with advanced capabilities (not launched as root)

CWE-2502019

CVE-2024-35154

HIGH

CVSS:7.2(High)

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote authenticated attacker, who has authorized access to the administrative console, to execute arbitrary code. Using specially crafted in...

CWE-2502024

CVE-2025-23008

HIGH

CVSS:7.2(High)

An improper privilege management vulnerability in the SonicWall NetExtender Windows (32 and 64 bit) client allows a low privileged attacker to modify configurations.

CWE-2502025

CVE-2025-23009

HIGH

CVSS:7.2(High)

A local privilege escalation vulnerability in SonicWall NetExtender Windows (32 and 64 bit) client which allows an attacker to trigger an arbitrary file deletion.

CWE-2502025

CVE-2024-22017

HIGH

CVSS:7.3(High)

setuid() does not affect libuv's internal io_uring operations if initialized before the call to setuid(). This allows the process to perform privileged operations despite presumably having dropped suc...

CWE-2502024

CVE-2023-4814

HIGH

CVSS:7.1(High)

A Privilege escalation vulnerability exists in Trellix Windows DLP endpoint for windows which can be abused to delete any file/folder for which the user does not have permission to.

CWE-2502023