Lucene search
HistoryFeb 06, 2002 - 5:00 a.m.
CVE-2001-1371
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.1 Medium
AI Score
Confidence
Low
0.918 High
EPSS
Percentile
98.9%
The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymous users to deploy applications by default via urn:soap-service-manager and urn:soap-provider-manager.
Affected configurations
Node
oracleapplication_serverMatch1.0.2
Related
openvas
openvas
autoDeploy
2005-11-03 00:00:00
Oracle 9iAS SOAP Default Configuration Vulnerability (HTTP)
2005-11-03 00:00:00
cert
cert
checkpoint_advisories
checkpoint_advisories
Oracle 9i HTTP Server Soap Router Access - Ver2 (CVE-2001-1371)
2015-03-26 00:00:00
nessus
nessus
Oracle 9iAS Default SOAP Configuration Unauthorized Application Deployment
2003-02-11 00:00:00
Oracle Application Server Multiple Vulnerabilities
2012-01-24 00:00:00
cvelist
cvelist
CVE-2001-1371
2003-04-02 05:00:00
cve
cve
CVE-2001-1371
2003-04-02 05:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.1 Medium
AI Score
Confidence
Low
0.918 High
EPSS
Percentile
98.9%
Related for NVD:CVE-2001-1371