Oracle’s stealth password cracking vulnerability
I just read an article about how Oracle Database suffers from “stealth password cracking vulnerability“. This means someone trying to exploit this vulnerability can brute force your passwords and you would never know about it. Oracle fixed this vulnerability in the new version of the authentication protocol but decided not to patch the previous version. Therefore, everyone running Oracle 11G will need to upgrade. Upgrading is going to be an issue for many companies running Oracle 11G since either they cannot or will not upgrade for many reasons. Maybe it is time to rethink this policy in your organization. There is a paper published about the problems in the Oracle Authentication protocol, so your databases are possible being attacked right now. Because many companies do not upgrade, this vulnerability is going to be around for a long time.
Explore More Blog Posts
Stay Ahead of Cloud Threats: Introducing Azure and AWS Security Reviews
Discover how NetSPI's Azure & AWS Configuration Reviews provide continuous visibility, risk identification, and actionable insights to secure your cloud environments.
Ready for Red Teaming? How to Design Realistic, Intelligence-Driven Scenarios
By adopting an adversarial mindset, you can uncover the blind spots that automated scans often miss, shifting from a reactive stance to a proactive, battle-tested defense.
CVE-2026-1731 – BeyondTrust RCE Overview and Takeaways
Learn about CVE-2026-1731, a critical RCE vulnerability in BeyondTrust RS & PRA products. Discover its impact, affected versions, and remediation steps.