Описание
The Oracle Discoverer servlet in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2.0 allows remote attackers to shut down an Oracle TNS Listener via a TNS STOP command in a request that uses the database/TNS alias, aka AS01.
Ссылки
- US Government Resource
- Vendor Advisory
- US Government Resource
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:oracle:application_server:9.0.4.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_server:10.1.2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_server:10.1.2.2:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.0456
Низкий
7.8 High
CVSS2
Дефекты
CWE-399
Связанные уязвимости
github
почти 4 года назад
The Oracle Discoverer servlet in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2.0 allows remote attackers to shut down an Oracle TNS Listener via a TNS STOP command in a request that uses the database/TNS alias, aka AS01.
EPSS
Процентиль: 89%
0.0456
Низкий
7.8 High
CVSS2
Дефекты
CWE-399