Skip to content

Oracle Credentials

Service Name: Oracle Database

Service Description: Oracle Database is a multi-model database management system produced and marketed by Oracle Corporation. It is designed for enterprise grid computing and data warehousing, supporting various workloads including online transaction processing (OLTP), data warehousing, and mixed database workloads.

Service Address: https://www.oracle.com/database/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the database level using Oracle Net Services configuration and Oracle Database firewall features.

Secret Access Scope: Grants access to Oracle databases, allowing for data retrieval, manipulation, and administration depending on the user's assigned privileges.

Secret Revokement URL: https://docs.oracle.com/en/database/oracle/oracle-database/19/dbseg/keeping-your-oracle-database-secure.html#GUID-451679EB-8676-47E6-82A6-DF025FD65156

Secret Example: oracle://username:p4ssw0rd@hostname:1521/service_name

Suspicious Activity Investigation Instructions:

  • Review database audit logs for unusual query patterns or access times
  • Check for unauthorized schema modifications or privilege escalations
  • Monitor for large data exports or unusual query volume
  • Examine connection logs for access from unexpected IP addresses
  • Review user activity reports for actions outside normal business hours

Mitigation Instructions:

  • Immediately change the compromised user's password using ALTER USER

command

  • Revoke any excessive privileges that may have been granted using REVOKE

statements

  • Consider locking the account temporarily using ALTER USER [username]

ACCOUNT LOCK

  • Implement connection restrictions based on IP address using Oracle Net

Services

  • Enable advanced auditing for the affected user accounts
  • Review and update password policies to enforce stronger security
  • Consider implementing Oracle Database Vault for additional security controls