Exploitation Summary
EIP tracks 1 public exploit for CVE-2020-2969. PoCs published by emad-almousa.
AI-analyzed exploit summary The repository contains no actual exploit code or technical details, only a link to an external resource (Packet Storm Security) for the PoC. This is a common tactic used to lure researchers into downloading content from untrusted sources.
Description
Vulnerability in the Data Pump component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows high privileged attacker having DBA role account privilege with network access via Oracle Net to compromise Data Pump. Successful attacks of this vulnerability can result in takeover of Data Pump. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).
Exploits (1)
The repository contains no actual exploit code or technical details, only a link to an external resource (Packet Storm Security) for the PoC. This is a common tactic used to lure researchers into downloading content from untrusted sources.
References (1)
Scores
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H