Lucene search
HistoryApr 02, 2003 - 5:00 a.m.
CVE-2001-1371
oracle
application server 9ias 1.0.2.2
soap
anonymous deployment
cve-2001-1371
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9 High
AI Score
Confidence
High
0.918 High
EPSS
Percentile
98.9%
The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymous users to deploy applications by default via urn:soap-service-manager and urn:soap-provider-manager.
Affected configurations
Node
oracleapplication_serverMatch1.0.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| oracle:application_server | oracle application server | eq | 1.0.2 |
Related
cert
cert
nessus
nessus
Oracle 9iAS Default SOAP Configuration Unauthorized Application Deployment
2003-02-11 00:00:00
Oracle Application Server Multiple Vulnerabilities
2012-01-24 00:00:00
nvd
nvd
CVE-2001-1371
2002-02-06 05:00:00
cvelist
cvelist
CVE-2001-1371
2003-04-02 05:00:00
openvas
openvas
Oracle 9iAS SOAP Default Configuration Vulnerability (HTTP)
2005-11-03 00:00:00
autoDeploy
2005-11-03 00:00:00
checkpoint_advisories
checkpoint_advisories
Oracle 9i HTTP Server Soap Router Access - Ver2 (CVE-2001-1371)
2015-03-26 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9 High
AI Score
Confidence
High
0.918 High
EPSS
Percentile
98.9%
Related for CVE-2001-1371