Description

Multiple components in Oracle 9i Application Server (9iAS) are installed with over 160 default usernames and passwords, including (1) SYS, (2) SYSTEM, (3) AQJAVA, (4) OWA, (5) IMAGEUSER, (6) USER1, (7) USER2, (8) PLSQL, (9) DEMO, (10) FINANCE, and many others, which allows attackers to gain privileges.

Remediation

References

CVE-2002-1637

Related Vulnerabilities

MySQL CVE-2013-5807 Vulnerability (CVE-2013-5807)

Ruby on Rails Other Vulnerability (CVE-2013-0333)

MySQL CVE-2019-2923 Vulnerability (CVE-2019-2923)

WordPress Plugin WordPress Custom Settings Cross-Site Scripting (1.0)

WordPress Plugin WP Intercom-Slack for WordPress Information Disclosure (1.2.1)

Severity

Medium

Classification

CVE-2002-1637

Tags

Missing Update Known Vulnerabilities