Oracle.Database.APEX.Password.Hash.Disclosure
Description
This indicates an attack attempt against an information-disclosure vulnerability in the Application Express component in Oracle Database.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted HTTP reqeust. It allows an authenticated attacker obtain access to password hashes via certain database views.
Affected Products
Oracle Oracle11g 11.1.0.7
Impact
Information Disclosure
Recommended Actions
Apply the patch released by the vendor:
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2018-10-16 | 13.473 | Sig Added |