6.8

CVE-2007-6260

EPSS 0.87%
Veröffentlicht 06.12.2007 02:46:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The installation process for Oracle 10g and llg uses accounts with default passwords, which allows remote attackers to obtain login access by connecting to the Listener.  NOTE: at the end of the installation, if performed using the Database Configuration Assistant (DBCA), most accounts are disabled or their passwords are changed.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Oracle ≫ Database Server

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.87%	0.731

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

http://osvdb.org/43673

http://securityreason.com/securityalert/3419

http://www.davidlitchfield.com/blog/archives/00000030.htm

http://www.oracle.com/technology/deploy/security/pdf/twp_security_checklist_db_database_20071108.pdf

http://www.securityfocus.com/archive/1/483652/100/200/threaded

http://www.securityfocus.com/bid/26425

https://nvd.nist.gov/vuln/detail/CVE-2007-6260

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-6260

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-6260

EUVD