Description
Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, which could allow local users to gain DBA privileges.
Remediation
References
Related Vulnerabilities
Jboss EAP Improper Authentication Vulnerability (CVE-2020-14299)
Joomla Inadequate Encryption Strength Vulnerability (CVE-2011-3629)
WordPress Plugin Ultimate Membership Pro Security Bypass (8.6)
WordPress Plugin Subscriptions & Memberships for PayPal Cross-Site Scripting (1.1.2)
Jenkins Incorrect Authorization Vulnerability (CVE-2017-2611)