Null Authentication Vulnerability in Oracle 9i Application Server 1.0.2.x PL/SQL Gateway Web Administration Interface

Null Authentication Vulnerability in Oracle 9i Application Server 1.0.2.x PL/SQL Gateway Web Administration Interface

CVE-2002-0561 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The default configuration of the PL/SQL Gateway web administration interface in Oracle 9i Application Server 1.0.2.x uses null authentication, which allows remote attackers to gain privileges and modify DAD settings.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.