Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-2969 PoC — Oracle Database Server Data Pump组件安全漏洞

Source
https://github.com/emad-almousa/CVE-2020-2969
Associated Vulnerability
Title:Oracle Database Server Data Pump组件安全漏洞 (CVE-2020-2969)
Description:Vulnerability in the Data Pump component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows high privileged attacker having DBA role account privilege with network access via Oracle Net to compromise Data Pump. Successful attacks of this vulnerability can result in takeover of Data Pump. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).
Description
CVE-2020-2969
Readme
# CVE-2020-2969

The PoC for CVE-2020-2969 is documented here: https://packetstormsecurity.com/files/179027/Oracle-Database-Password-Hash-Unauthorized-Access.html
File Snapshot

 [4.0K]  /data/pocs/4f8297ce5a749efe55165840b1b4499f13d82a06
└── [ 165]  README.md

0 directories, 1 file
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →