exploitDog

CVE-2002-1578

Опубликовано: 15 апр. 2004

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

The default installation of SAP R/3, when using Oracle and SQL*net V2 3.x, 4.x, and 6.10, allows remote attackers to obtain arbitrary, sensitive SAP data by directly connecting to the Oracle database and executing queries against the database, which is not password-protected.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2002-04/0387.html
Exploit
Patch
Vendor Advisory
http://www.securityfocus.com/bid/4613
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/8972
http://archives.neohapsis.com/archives/bugtraq/2002-04/0387.html
Exploit
Patch
Vendor Advisory
http://www.securityfocus.com/bid/4613
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/8972

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sap:sap_r_3:*:*:*:*:*:*:*:*

EPSS

Процентиль: 79%

0.01257

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-gpm8-6j9v-6v7f

github

почти 4 года назад

The default installation of SAP R/3, when using Oracle and SQL*net V2 3.x, 4.x, and 6.10, allows remote attackers to obtain arbitrary, sensitive SAP data by directly connecting to the Oracle database and executing queries against the database, which is not password-protected.

EPSS

Процентиль: 79%

0.01257

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other