| news flash

Oracle company to 2021 year 1 month 19 day , The first annual security alert was issued . among , yes 8 Safety warnings and Oracle
Database part . at present , You can use the latest CPU patch , This security vulnerability can be fixed .

Here's the story 8 There are three security holes :

*
CVE-2021-2018
The vulnerability can be exploited remotely without authentication , Intruders can exploit these vulnerabilities through the network and do not need user credentials . The safety factor risk score given is 8.3 branch . however , This attack has high complexity , It only affects
Windows platform

*
CVE-2021-2035
Passed through the database Scheduler Timing component attack , need Export Full Database
jurisdiction , If you have control over this permission , It can reduce the risk . The risk score is as high as 8.8 branch . The way to fix it is : Sort out the authority of database , Or apply a patch to fix it .

*
CVE-2021-2054
The vulnerability and Sharding Component related , Most individual users may not be able to use it , meanwhile , Users who don't use distributed components can also ignore it

*
CVE-2021-2116 and CVE-2021-2116
The vulnerability and Oracle Apex of , Can pass HTTP Protocol attack . Prevention methods : Do a good job in account management , The risk is small

*
CVE-2021-1993
The vulnerability and Java JVM of , It is also a continuation of the previous series of deserialization vulnerabilities , Can pass Package On the prevention of the limit of authority of the enterprise , Or a patch

*
CVE-2021-2045
The vulnerability and Text Component related , Most users should not have this option . At the same time, it is suggested that , Database installation , For unused components , Do not choose to install .

*
CVE-2021-2000
The vulnerability is Unified Audit Loopholes related to the characteristics of unified audit management , The requirements for authority are very high , So the risk is the lowest , Safety points are 2.4 branch .

The specific risks are listed below :

Technology
©2020 ioDraw All rights reserved
SSM— User module ( two ) Forget the password , Change Password , Get user information One and a half years JAVA Summary of work experience python To solve the problem of dictionary writing list in Vue Common features ( Form operation ) Rare expletives in Lei Jun's press conference : this XXX I'm definitely here to make trouble !PYTHON Summary of final review 2021 Front end interview written questions and answers After the black myth Wukong Another domestic game blown up by foreigners 27 Year old invention SQL in the future , God took him away CLion Novice step on the pit :CMake project is not loaded