CVE-2021-38475

Summary

The database connection to the server is performed by calling a specific API, which could allow an unprivileged user to gain SYSDBA permissions.

Affected Software

VendorProductVersion RangeStatus
AUVESYVersiondogAll <= 8.0affected

Weaknesses

  • CWE-732: CWE-732 Incorrect Permission Assignment for Critical Resource

ADP Enrichment

CVE Program Container

Additional References

References