Lucene search
HistoryJul 03, 2002 - 4:00 a.m.
CVE-2002-0562
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.781 High
EPSS
Percentile
98.3%
The default configuration of Oracle 9i Application Server 1.0.2.x running Oracle JSP or SQLJSP stores globals.jsa under the web root, which allows remote attackers to gain sensitive information including usernames and passwords via a direct HTTP request to globals.jsa.
Affected configurations
Node
oracleapplication_serverMatch1.0.2
ORoracleapplication_server_web_cacheMatch2.0.0.0
ORoracleapplication_server_web_cacheMatch2.0.0.1
ORoracleapplication_server_web_cacheMatch2.0.0.2
ORoracleapplication_server_web_cacheMatch2.0.0.3
ORoracleoracle9iMatch9.0
ORoracleoracle9iMatch9.0.1
Related
openvas
openvas
Oracle 9iAS Jsp Source File Reading
2005-11-03 00:00:00
Oracle 9iAS Globals.jsa access
2005-11-03 00:00:00
checkpoint_advisories
checkpoint_advisories
cvelist
cvelist
CVE-2002-0562
2002-06-11 04:00:00
nessus
nessus
Oracle 9iAS globals.jsa Database Credential Remote Disclosure
2002-02-07 00:00:00
Oracle Application Server Multiple Vulnerabilities
2012-01-24 00:00:00
cve
cve
CVE-2002-0562
2002-07-03 04:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.781 High
EPSS
Percentile
98.3%
Related for NVD:CVE-2002-0562