CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-1578

The default installation of SAP R/3, when using Oracle and SQL*net V2 3.x, 4.x, and 6.10, allows remote attackers to obtain arbitrary, sensitive SAP data by directly connecting to the Oracle database and executing queries against the database, which is not password-protected.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.013

EPSS Ranking 78.5%

CVSS Severity

CVSS v2 Score 7.5

References

http://archives.neohapsis.com/archives/bugtraq/2002-04/0387.html
http://www.securityfocus.com/bid/4613
https://exchange.xforce.ibmcloud.com/vulnerabilities/8972
http://archives.neohapsis.com/archives/bugtraq/2002-04/0387.html
http://www.securityfocus.com/bid/4613
https://exchange.xforce.ibmcloud.com/vulnerabilities/8972

Products affected by CVE-2002-1578

Sap » Sap R 3 » Version: Any

cpe:2.3:a:sap:sap_r_3:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-1578

Products

Pricing

Contact Us