CVE-2021-2351

CVSS 8.3 · High EPSS 2.77% · P86 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-2351

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Advanced Networking Option, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Advanced Networking Option. Note: The July 2021 Critical Patch Update introduces a number of Native Network Encryption changes to deal with vulnerability CVE-2021-2351 and prevent the use of weaker ciphers. Customers should review: "Changes in Native Network Encryption with the July 2021 Critical Patch Update" (Doc ID 2791571.1). CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Oracle Database Server 授权问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Oracle Database Server是美国甲骨文（Oracle）公司的一套关系数据库管理系统。该数据库管理系统提供数据管理、分布式处理等功能。 Oracle Database Server 存在授权问题漏洞，该漏洞源于Oracle数据库服务器的高级网络选项内不正确的输入验证。远程未经身份验证的攻击者可利用该漏洞执行任意代码。受影响的产品及版本如下:Oracle数据库服务器:12.1.0.2、12.2.0.1、19c.c。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Oracle Corporation	WebLogic Server	12.2.1.3.0	-

II. Public POCs for CVE-2021-2351

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-2351

请登录查看更多情报信息。

https://www.oracle.com/security-alerts/cpujan2022.htmlx_refsource_MISC
http://packetstormsecurity.com/files/165258/Oracle-Database-Weak-NNE-Integrity-Key-Derivation.htmlx_refsource_MISC
https://www.oracle.com/security-alerts/cpuoct2021.htmlx_refsource_MISC
https://www.oracle.com/security-alerts/cpujul2021.htmlx_refsource_MISC
https://www.oracle.com/security-alerts/cpujul2022.htmlx_refsource_MISC
https://www.oracle.com/security-alerts/cpuapr2022.htmlx_refsource_MISC
https://www.oracle.com/security-alerts/cpujan2023.htmlvendor-advisory
http://seclists.org/fulldisclosure/2021/Dec/19mailing-listx_refsource_FULLDISC
http://seclists.org/fulldisclosure/2021/Dec/20mailing-listx_refsource_FULLDISC
https://nvd.nist.gov/vuln/detail/CVE-2021-2351

Same Patch Batch · Oracle Corporation · 2021-07-20 · 131 CVEs total

CVE-2021-2447	9.9 CRITICAL	Oracle Secure Global Desktop输入验证错误漏洞
CVE-2021-2463	9.8 CRITICAL	Oracle Commerce 输入验证错误漏洞
CVE-2021-2397	9.8 CRITICAL	Oracle Fusion Middleware安全漏洞
CVE-2021-2394	9.8 CRITICAL	Oracle Fusion Middleware输入验证错误漏洞
CVE-2021-2382	9.8 CRITICAL	Oracle Fusion Middleware安全漏洞
CVE-2021-2456	9.8 CRITICAL	Oracle Fusion Middleware安全漏洞
CVE-2021-2446	9.6 CRITICAL	Oracle Secure Global Desktop输入验证错误漏洞
CVE-2021-2355	9.1 CRITICAL	Oracle E-Business Suite输入验证错误漏洞
CVE-2021-2392	8.8 HIGH	Oracle Fusion Middleware 输入验证错误漏洞
CVE-2021-2391	8.8 HIGH	Oracle Fusion Middleware 输入验证错误漏洞
CVE-2021-2396	8.8 HIGH	Oracle Fusion Middleware 输入验证错误漏洞
CVE-2021-2349	8.6 HIGH	Oracle Hyperion 输入验证错误漏洞
CVE-2021-2436	8.2 HIGH	Oracle E-Business Suite 输入验证错误漏洞
CVE-2021-2409	8.2 HIGH	Oracle VM VirtualBox输入验证错误漏洞
CVE-2021-2359	8.2 HIGH	Oracle E-Business Suite输入验证错误漏洞
CVE-2021-2365	8.1 HIGH	Oracle E-Business Suite 输入验证错误漏洞
CVE-2021-2434	8.1 HIGH	Oracle E-Business Suite输入验证错误漏洞
CVE-2021-2362	8.1 HIGH	Oracle E-Business Suite输入验证错误漏洞
CVE-2021-2363	8.1 HIGH	Oracle E-Business Suite 输入验证错误漏洞
CVE-2021-2415	8.1 HIGH	Oracle E-Business Suite输入验证错误漏洞

Showing top 20 of 131 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: WebLogic Server

Same vendor: Oracle Corporation

V. Comments for CVE-2021-2351

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-2351

I. Basic Information for CVE-2021-2351

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-2351

III. Intelligence Information for CVE-2021-2351

Same Patch Batch · Oracle Corporation · 2021-07-20 · 131 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-2351

Leave a comment