Default Configuration of Oracle Application Server 9iAS 1.0.2.2 Allows Anonymous Deployment of Applications via SOAP
CVE-2001-1371 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymous users to deploy applications by default via urn:soap-service-manager and urn:soap-provider-manager.
Learn more about our Cis Benchmark Audit For Server Software.