Due to insecure fallback behavior, a man-in-the-middle attacker can bypass NNE's protection against man-in-the-middle attacks and hijack authenticated connections. In some configurations, a full man-in-the-middle attack is possible. Oracle Database versions 19c, 12.2.0.1, and 12.1.0.2 are affected.
d0de07f4f0e48542261c0ae9b420a3424f2d3aa4191dbb91e07c6c991ab3de7b