Fine Grained Audit Bypass in Oracle Database 9i and 10g
CVE-2005-1495

Currently unrated

Key Information:

Vendor
Oracle
Vendor
CVE Published:
11 May 2005

Summary

In Oracle Database versions 9i and 10g, the Fine Grained Audit (FGA) feature is disabled when the SYS user executes a SELECT statement on an FGA-managed object. This behavior creates a significant gap in security audits, allowing attackers to perform unauthorized actions without triggering necessary alarms. Consequently, malicious activities may go unnoticed, leading to potential data breaches.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.