7.5
CVE-2002-0564
- EPSS 1.52%
- Published 03.07.2002 04:00:00
- Last modified 03.04.2025 01:03:51
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to bypass authentication for a Database Access Descriptor (DAD) by modifying the URL to reference an alternate DAD that already has valid credentials.
Data is provided by the National Vulnerability Database (NVD)
Oracle ≫ Application Server Version1.0.2
Oracle ≫ Application Server Web Cache Version2.0.0.0
Oracle ≫ Application Server Web Cache Version2.0.0.1
Oracle ≫ Application Server Web Cache Version2.0.0.2
Oracle ≫ Application Server Web Cache Version2.0.0.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.52% | 0.795 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|