CVE-2023-21893

Vulnerability in the Oracle Data Provider for .NET component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TCPS to compromise Oracle Data Provider for .NET. Successful...

Access Restriction Bypass

Oracle ManagedDataAccess is vulnerable to Access Restriction Bypass. The vulnerability exists due to the TCPS protocol stack which allows an attacker with network access to takeover the Oracle Data Provider for .NET...

Access Restriction Bypass

Overview Oracle.ManagedDataAccess.Core is an ADO.NET driver that provides fast data access from Microsoft .NET Core clients to Oracle databases Affected versions of this package are vulnerable to Access Restriction Bypass via the TCPS protocol, that allows component takeover. Remediation Upgrade...

PT-2023-1244 · Oracle · Oracle Data Provider For .Net +1

Name of the Vulnerable Software and Affected Versions: Oracle Data Provider for .NET versions 19c through 21c Description: The issue is related to insufficient input validation in the Oracle Data Provider for .NET component of Oracle Database Server, allowing an unauthenticated attacker with...