Description

It's possible to access the Oracle Business Intelligence by using the default credentials. Therefore, an attacker can interact with the server as an administrator which leads to takeover of the server.

Remediation

Change the default administrative usernames and passwords of Oracle Business Intelligence

Related Vulnerabilities

Express express-session weak secret key

Apache Tomcat insecure default administrative password

WordPress default administrator account

BottlePy weak secret key

Mojolicious weak secret key

Severity

High

Classification

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Default Credentials