Oracle Cloud admits users could access other customer data

A vulnerability in Oracle Cloud Infrastructure (OCI) could have essentially allowed any user to read and write data from other OCI customers, researchers have claimed.

Experts at cloud security firm Wiz said they encountered the vulnerability when creating an OCI connector for their own tech stack and discovered they could attach other people’s virtual disks to their VM instances. All they need is that other person’s memory (opens in new tab) Volume Oracle Cloud Identifier, and that the other person’s volume supported multi-attachment (or was not already attached).

https://www.techradar.com/news/oracle-cloud-admits-users-could-access-other-customer-data Oracle Cloud admits users could access other customer data

Snopx

Pechip.com is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – admin@pechip.com. The content will be deleted within 24 hours.

Related Articles

Back to top button