CVE-2006-0270Oracle Database Server vulnerability

CWE-3103 documents3 sources
Severity
10.0CRITICALNVD
EPSS
2.2%
top 15.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Oracle Database Server
Timeline
PublishedJan 18
Latest updateMay 1

Description

Unspecified vulnerability in the Transparent Data Encryption (TDE) Wallet component of Oracle Database server 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB27. NOTE: Oracle has not disputed a reliable researcher report that TDA stores the master key without encryption, which allows local users to obtain the key via the SGA.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-3mf7-49vm-cgqm: Unspecified vulnerability in the Transparent Data Encryption (TDE) Wallet component of Oracle Database server 102022-05-01
CVEList
CVE-2006-0270: Unspecified vulnerability in the Transparent Data Encryption (TDE) Wallet component of Oracle Database server 102006-01-18
CVE-2006-0270 — Oracle Database Server vulnerability | cvebase