Privilege Escalation Vulnerability in Oracle 10g DBMS_Scheduler
CVE-2005-1496
Currently unrated
Summary
The DBMS_Scheduler component in Oracle 10g contains a security flaw that allows remote attackers, who possess CREATE JOB privileges, to change their session user to the SYS user. This unauthorized privilege escalation can enable attackers to perform actions beyond their intended access level, posing a significant risk to database integrity and security. Proper configuration and access controls are essential to mitigate this risk.
References
EPSS Score
5% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved