What is CVE-2021-2018?

CVE-2021-2018 is a high-severity vulnerability in Microsoft Windows. CVSS score: 8.3/10. Published 2021-01-20.

How severe is CVE-2021-2018?

High severity. CVSS v3 base score is 8.3 out of 10.

Vulnerability in Microsoft Windows

CVE-2021-2018

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 18c and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Ne…

EPSS: 0.014 (69.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.3 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H.

Affected products

Microsoft Windows
Oracle Adaptive_access_manager — versions 11.1.2.3.0
Oracle Advanced_networking_option — versions 18c, 19c
Oracle Data_integrator — versions 11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0
Oracle Enterprise_manager_for_fusion_applications — versions 13.3.0.0
Oracle Hospitality_simphony — versions 18.2.7.2, 19.1.3
Oracle Weblogic_server — versions 12.2.1.3.0
Oracle Corporation Advanced Networking Option — versions 18c, 19c

References

secalert_us@oracle.com (x_refsource_MISC, Vendor Advisory)

Frequently asked questions

What is CVE-2021-2018?: CVE-2021-2018 is a high-severity vulnerability in Microsoft Windows. CVSS score: 8.3/10. Published 2021-01-20.
How severe is CVE-2021-2018?: High severity. CVSS v3 base score is 8.3 out of 10.