Head Topics

Oracle Cloud fixes ‘critical’ data-access vulnerability

Österreich Nachrichten Nachrichten

Oracle Cloud fixes ‘critical’ data-access vulnerability
Österreich Neuesten Nachrichten,Österreich Schlagzeilen
  • 📰 TheRegister
  • ⏱ Reading Time:
  • 39 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 19%
  • Publisher: 61%

Oracle Cloud at one point would let you access any other customer's data

A"critical" Oracle Cloud Infrastructure vulnerability could have been exploited by any customer to gain read and write access to data belonging to any other OCI customer without any permission checks, according to Wiz security researchers.

Essentially, the flaw, as described by Wiz, could be exploited thus: if you knew the Oracle Cloud Identifier for another customers' storage volume – which is not a secret – you could attach that volume to your own virtual machine in Oracle's cloud as long as the volume wasn't already attached or supported multi-attachment. So, obtain the identifier, attach a volume, access it as if it was yours, including any sensitive information on it.

Gaining write access, Gabay explained,"could be used to manipulate any data on the volume, including the operating system runtime , thus gaining code execution over the remote compute instance and a foothold in the victim's cloud environment, once the volume is used to boot a machine."

Wir haben diese Nachrichten zusammengefasst, damit Sie sie schnell lesen können. Wenn Sie sich für die Nachrichten interessieren, können Sie den vollständigen Text hier lesen. Weiterlesen:

TheRegister /  🏆 67. in UK

Österreich Neuesten Nachrichten, Österreich Schlagzeilen

Similar News:Sie können auch ähnliche Nachrichten wie diese lesen, die wir aus anderen Nachrichtenquellen gesammelt haben.

A follow up to 2016's trippiest FPS just released on Steam, and it's a thousand times trippierA follow up to 2016's trippiest FPS just released on Steam, and it's a thousand times trippierHyper Demon may be even better than Devil Daggers.
Weiterlesen »

Rail chaos which ruined mourners’ journeys continues for second dayRail chaos which ruined mourners’ journeys continues for second dayDisruption to train services which caused thousands of mourners to miss the Queen’s funeral will continue until noon on Tuesday, passengers were warned.
Weiterlesen »

Apple acknowledges iPhone 14 Pro camera bug, preps fixApple acknowledges iPhone 14 Pro camera bug, preps fixA camera shake issue with some apps getting a quick fix
Weiterlesen »

'Brilliant' plans for new Lidl and Wickes store in town'Brilliant' plans for new Lidl and Wickes store in townWorkers are currently on site constructing access from Nottingham Road
Weiterlesen »

Oracle releases Java 19 with seven significant enhancementsOracle releases Java 19 with seven significant enhancementsUpstart CPU integration, incremental improvements – just the way cautious corporate customers like it
Weiterlesen »

Uber ‘in contact with the FBI’ over potential GTA 6 hacker | VGCUber ‘in contact with the FBI’ over potential GTA 6 hacker | VGCUber says it's ‘in contact with the FBI’ over an attacker who could potentially also be behind this weekend's GTA 6 leak.
Weiterlesen »



Render Time: 2025-04-08 07:18:26