Authentication Bypass Vulnerability in PL/SQL Module 3.0.9.8.2

CVE-2002-0564 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to bypass authentication for a Database Access Descriptor (DAD) by modifying the URL to reference an alternate DAD that already has valid credentials.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.