CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-0562

The default configuration of Oracle 9i Application Server 1.0.2.x running Oracle JSP or SQLJSP stores globals.jsa under the web root, which allows remote attackers to gain sensitive information including usernames and passwords via a direct HTTP request to globals.jsa.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.029

EPSS Ranking 85.6%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2002-0562

Oracle » Application Server » Version: 1.0.2

cpe:2.3:a:oracle:application_server:1.0.2
Oracle » Application Server Web Cache » Version: 2.0.0.0

cpe:2.3:a:oracle:application_server_web_cache:2.0.0.0
Oracle » Application Server Web Cache » Version: 2.0.0.1

cpe:2.3:a:oracle:application_server_web_cache:2.0.0.1
Oracle » Application Server Web Cache » Version: 2.0.0.2

cpe:2.3:a:oracle:application_server_web_cache:2.0.0.2
Oracle » Application Server Web Cache » Version: 2.0.0.3

cpe:2.3:a:oracle:application_server_web_cache:2.0.0.3
Oracle » Oracle9i » Version: 9.0

cpe:2.3:a:oracle:oracle9i:9.0
Oracle » Oracle9i » Version: 9.0.1

cpe:2.3:a:oracle:oracle9i:9.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-0562

Products

Pricing

Contact Us