Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Oracle Business Intelligence default administrative credentials - Vulnerability Database

Oracle Business Intelligence default administrative credentials

Description

It's possible to access the Oracle Business Intelligence by using the default credentials. Therefore, an attacker can interact with the server as an administrator which leads to takeover of the server.

Remediation

Change the default administrative usernames and passwords of Oracle Business Intelligence

References

Understanding the Default Security Configuration - Oracle

Related Vulnerabilities

PrimeFaces 5.x Expression Language injection High
Common tags: Default Credentials
Ruby framework weak secret key High
Common tags: Default Credentials
Apache APISIX default token (CVE-2020-13945/CVE-2022-24112) Medium
Common tags: Default Credentials
Unrestricted access to Haproxy Data Plane API High
Common tags: Default Credentials
Apache Airflow default credentials High
Common tags: Default Credentials

Severity

High

Classification

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Default Credentials