Oracle PL/SQL Gateway PLSQLExclusion Access Control List Bypass Vulnerability

Oracle PL/SQL Gateway PLSQLExclusion Access Control List Bypass Vulnerability

Oracle PL/SQL gateway is prone to a vulnerability that permits the bypassing of an access control list (ACL). This issue is due to an error in the application to properly sanitize user-supplied input.

An attacker can exploit this issue to bypass the exclusion list and to gain access to excluded packages and procedures running in the context of the DBA; this may facilitate privilege escalation.

Successful exploitation may facilitate a compromise of the database server and enable an attacker to gain full DBA access.