Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Oracle Application Server < 10.1.0.0.4 Logging Service Interruption

Medium

Synopsis

The remote host is vulnerable to a flaw that would allow a single user to affect logging-level changes for all users of a database.

Description

The remote host is running the Oracle Application Server. This version is reported vulnerable to a flaw where a SYS user can disable Fine Grained Auditing (FGA) which then impacts the logging level of all users of the database.

Solution

Upgrade to version 10.1.0.0.4 or higher.