Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Oracle Application Server Permissions Privileges and Access Controls Vulnerability - CVE-2001-1371 - Vulnerability Database
Oracle Application Server

Oracle Application Server Permissions Privileges and Access Controls Vulnerability - CVE-2001-1371

High
Reference: CVE-2001-1371
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2001-1371
Title: Oracle Application Server Permissions Privileges and Access Controls Vulnerability
Overview:

The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymous users to deploy applications by default via urn:soap-service-manager and urn:soap-provider-manager.