Cleartext Password Vulnerability in Oracle 10g Database Server by Oracle
CVE-2004-1366
Currently unrated
Key Information:
- Vendor
- Oracle
- Vendor
- CVE Published:
- 4 August 2004
Summary
The Oracle 10g Database Server contains a vulnerability where the SYSMAN account password is stored in cleartext in the world-readable emoms.properties file. This design flaw could allow local users to access sensitive information, potentially leading to unauthorized DBA privileges and significant compromise of database security. Proper security measures should be implemented to protect sensitive credential storage and ensure that such vulnerabilities are mitigated.
References
Timeline
Vulnerability Reserved
Vulnerability published