CVE-2007-6260

EPSS 0.87%
Published 06.12.2007 02:46:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

The installation process for Oracle 10g and llg uses accounts with default passwords, which allows remote attackers to obtain login access by connecting to the Listener.  NOTE: at the end of the installation, if performed using the Database Configuration Assistant (DBCA), most accounts are disabled or their passwords are changed.

Affected products Warnungen 0 Metrics 2 CWE 0 References 9

Data is provided by the National Vulnerability Database (NVD)

Oracle ≫ Database Server

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.87%	0.731

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

http://osvdb.org/43673

http://securityreason.com/securityalert/3419

http://www.davidlitchfield.com/blog/archives/00000030.htm

http://www.oracle.com/technology/deploy/security/pdf/twp_security_checklist_db_database_20071108.pdf

http://www.securityfocus.com/archive/1/483652/100/200/threaded

http://www.securityfocus.com/bid/26425

https://nvd.nist.gov/vuln/detail/CVE-2007-6260

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-6260

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-6260

EUVD