Problem solve Get help with specific problems with your technologies, process and projects.

Clarifying OpenSSL protocol vulnerabilities

Quote from SearchOracle.com Dec. 8 says "Oracle Corp. on Friday confirmed that a variety of its server products could be tampered with through vulnerabilities via the OpenSSL protocol." My understanding is this: The vulnerability exists if using OpenSSL protocol. If users access all databases behind firewall via intranet, then tampering can only come from internal employees. Correct?
To a point, this is correct. The OpenSSL vulnerability can only be exploited if someone has access to your database server. For these types of security reasons, many organizations place their database server behind a firewall, and rightfully so. However, application servers, which typically sit in a "De-militarized zone (DMZ)" area of the firewall, not only allow open access to the application server but also need a firewall hole poked to let the application server connect to the database. Depending on your level of security and your network configuration, it is possible for someone in the outside world to be able to exploit this security hole. For that reason, I make the appropriate security fixes for the database even if the database is inside the company's firewall.

Dig Deeper on Oracle database design and architecture

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.