|Oracle DBMS_PSWMG_IMPORT Built-In Package
Versions ? - 19.3
|Some pages here in the Code Library are included because they are an identified vulnerability or because there are known exploits.
Others, such as this page, are included because we know that they, in some manner, impact system security. The potential impact is clear when you look at the dependencies list below which includes the data dictionary table USER_HISTORY$.
And the security model which includes grants of EXECUTE to the EXP_FULL_DATABASE and IMP_FULL_DATABASE roles.
Our unverified suspicion is that it is used by DataPump and impacts the transfer, between databases, of password history and the password verify function.
|Recommended Security Rules|
|How Oracle Works|
|We do not know enough about this package to provide specific guidance.|
|DBMS_PSWMG_IMPORT Package Information|
|Data Types||TYPE arrayOfHistoryRecords ....|
|First Available||Known to exist in 12.1 through 19.3. Likely has existed in many previous versions.|
|Security Model||Owned by SYS with EXECUTE granted to the EXP_FULL_DATABASE and IMP_FULL_DATABASE roles.|
|Import Password History||
|Imports the Password Verify Function||
|Purge Password History||