What is CVE-2019-2860?

CVE-2019-2860 is a medium-severity vulnerability in Oracle Clusterware. CVSS score: 5.6/10. Published 2019-07-23.

How severe is CVE-2019-2860?

Medium severity. CVSS v3 base score is 5.6 out of 10.

Vulnerability in Oracle Clusterware

CVE-2019-2860

Vulnerability in the Oracle Clusterware component of Oracle Support Tools (subcomponent: Trace File Analyzer (TFA) Collector). The supported version that is affected is 12.1.0.2.0. Difficult to exploit vulnerability allows unauthenticated…

EPSS: 0.010 (58.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.6 (Medium). Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L.

Affected products

Oracle Clusterware — versions 12.1.0.2.0
Oracle Corporation System Utilities — versions 12.1.0.2.0

References

secalert_us@oracle.com (Patch, x_refsource_MISC, Vendor Advisory)

Frequently asked questions

What is CVE-2019-2860?: CVE-2019-2860 is a medium-severity vulnerability in Oracle Clusterware. CVSS score: 5.6/10. Published 2019-07-23.
How severe is CVE-2019-2860?: Medium severity. CVSS v3 base score is 5.6 out of 10.