Update Table Without Update Permission On 11gr2

 

I’m going to talk about a problem I tested in 11gr2 versions.

Each user with a select permission in a table can update that table.

You can try the following steps in the database.

 

To resolve this vulnerability, upgrade to 11.2.0.4.5 with the latest patch level or later.