CVE-2005-1495

3 documents3 sources

Severity

7.5HIGH

EPSS

1.8%

top 17.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Application Server Oracle Oracle10g Oracle Oracle9i

Timeline

PublishedMay 11

Latest updateMay 1

Description

Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

▶NVDoracle/oracle9i10 versions+9

▶NVDoracle/oracle10g9 versions+8

▶NVDoracle/application_server10.1.0.2, 10.1.0.3, 10.1.0.3.1+2

🔴Vulnerability Details

GHSA

GHSA-g8p4-j6g7-gq3v: Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier fo↗2022-05-01

▶

CVEList

CVE-2005-1495: Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier fo↗2005-05-11

▶