VYPR
Unrated severity · NVD Advisory · Published Apr 22, 2021 · Updated Sep 26, 2024

CVE-2021-2175

Description

Vulnerability in the Database Vault component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Any View, Select Any View privilege with network access via Oracle Net to compromise Database Vault. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Database Vault accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

High-privileged attacker can read Database Vault realm metadata via Oracle Net, bypassing access controls on DBA_DV_REALM.

Vulnerability

CVE-2021-2175 is a vulnerability in the Database Vault component of Oracle Database Server, affecting versions 12.1.0.2, 12.2.0.1, 18c, and 19c [1]. The flaw allows a high-privileged attacker who holds the CREATE ANY VIEW and SELECT ANY VIEW privileges and has network access via Oracle Net to bypass access controls on the DBA_DV_REALM data dictionary view, which lists the realms (security zones) configured in the database. The official description notes this occurs when Database Vault is configured and enabled.

Exploitation

An attacker must have high privileges (CREATE ANY VIEW, SELECT ANY VIEW) and network connectivity via Oracle Net. The exploit chain, as demonstrated in the reference [1], involves creating a view under the ORACLE_OCM schema (a default account) that selects from SYS.DBA_DV_REALM, then querying that view to retrieve realm metadata. Specifically, steps include: connecting as SYS, switching to a pluggable database (PDB), confirming Database Vault is enabled, then creating ORACLE_OCM.DUMMY_V AS SELECT * FROM DBA_DV_REALM, and finally selecting from the view to bypass the insufficient privileges error on direct access.

Impact

Successful exploitation results in unauthorized read access to a subset of Database Vault accessible data, specifically the realm definitions stored in DBA_DV_REALM. This exposes security metadata, revealing the names and descriptions of configured security realms. This is a confidentiality impact with a CVSS 3.1 base score of 2.7 (low), as the attacker does not gain write access or additional privileges, but can learn about the database's security configuration.

Mitigation

Oracle has addressed this vulnerability in the Critical Patch Update (CPU) for April 2021. The official advisory recommends applying the relevant patch for each affected version. For version 19c, the fix is included in the 19.9.0.0.0 Database Release Update (DB RU) and later. For versions 12.1.0.2, 12.2.0.1, and 18c, respective patches are available via the April 2021 CPU. No workaround is provided in the available references.
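
An audit a DBA can run in each PDB alongside patching, given here as an added example (it is not from Oracle's advisory or the cited reference): the first query walks DBA_DEPENDENCIES to find views outside SYS and DVSYS that read DBA_DV_REALM directly or through intermediate views and synonyms, such as the ORACLE_OCM.DUMMY_V view described above; the second lists who holds CREATE ANY VIEW. It assumes read access to DBA_DEPENDENCIES, DBA_OBJECTS and DBA_SYS_PRIVS, and that legitimate dependents of DBA_DV_REALM live only in SYS or DVSYS.

```sql
-- Added example, not Oracle's code. Run in each PDB as a user who can
-- read the DBA_* dictionary views.

-- 1. Views that depend on DBA_DV_REALM, directly or through a chain of
--    views/synonyms, and are owned by a schema other than SYS or DVSYS
--    (assumption: legitimate dependents live only in those two schemas).
SELECT DISTINCT d.owner,
       d.name,
       o.created,
       o.last_ddl_time
FROM  (
        SELECT owner, name, type
        FROM   dba_dependencies
        START WITH referenced_name = 'DBA_DV_REALM'
               AND referenced_type IN ('VIEW', 'SYNONYM')
        -- child rows are objects that reference the parent row's object
        CONNECT BY NOCYCLE
               PRIOR owner = referenced_owner
           AND PRIOR name  = referenced_name
           AND PRIOR type  = referenced_type
      ) d
JOIN   dba_objects o
  ON   o.owner       = d.owner
 AND   o.object_name = d.name
 AND   o.object_type = d.type
WHERE  d.type  = 'VIEW'
  AND  d.owner NOT IN ('SYS', 'DVSYS')
ORDER  BY o.created DESC;

-- 2. Accounts and roles holding CREATE ANY VIEW, the privilege that lets
--    a view be created in another schema. Review each grantee against
--    least privilege and revoke where it is not required.
SELECT grantee,
       privilege,
       admin_option
FROM   dba_sys_privs
WHERE  privilege = 'CREATE ANY VIEW'
ORDER  BY grantee;
```

Any row from the first query warrants review of who created the view and when, using the CREATED and LAST_DDL_TIME columns as the starting point.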

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

3

References

3
