CVE-2002-2345Oracle Application Server vulnerability

CWE-2553 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.7%
top 28.03%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Oracle Application Server
Timeline
PublishedDec 31
Latest updateApr 30

Description

Oracle 9i Application Server 9.0.2 stores the web cache administrator interface password in plaintext, which allows remote attackers to gain access.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-x2fv-2p78-rq82: Oracle 9i Application Server 92022-04-30
CVEList
CVE-2002-2345: Oracle 9i Application Server 92007-10-29