2.1
CVE-2002-0568
- EPSS 75.18%
- Veröffentlicht 03.07.2002 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:57:41
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConfig.xml or (2) soapConfig.xml through a virtual directory.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 75.18% | 0.994 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:P/I:N/A:N
|
http://marc.info/?l=bugtraq&m=101301813117562&w=2
http://www.cert.org/advisories/CA-2002-08.html
http://www.nextgenss.com/papers/hpoas.pdf
http://www.kb.cert.org/vuls/id/476619
http://www.securityfocus.com/bid/4290