Don't miss our upcoming Network Computing virtual event on Connectivity Solutions - Secure Your Complementary Seat Now!
Oracle has posted patches for its E-Business Suite and Applications 11.0 software to fix multiple, critical SQL vulnerabilities.
The vulnerabilities, which were first disclosed last week by Stephen Kost of security firm Integrigy, affect Oracle Applications 11.0 and 11i, as well as E-Business Suite versions 11.5.1 through 11.5.8-- on all platforms.
On Tuesday, the U.S. Computer Emergency Response Team (US-CERT), part of the Department of Homeland Security, also chimed in with its own alert on the problem.
Oracle rated the risk as high, "as any user with browser access and specialized knowledge can exploit these vulnerabilities," the company said in an advisory posted last week.
The SQL vulnerability allows attackers to hijack a database or application, or execute SQL statements, by inserting SQL code fragments into the input fields of a Web page. Users with Internet-facing application servers are most at risk, according to Integrigy.
With the move to the cloud, CISOs must shift priorities from operating security programs to overseeing (monitoring and auditing) outsourced cybersecurity programs.
2022 was a boon year for IT salaries. 2023 came in like a beast with layoffs, raise freezes, and ChatGPT, but that beast has few teeth.
Age is only a number. Don't let a high number cancel your career.
