CVE-2002-1637

Published: Feb 26, 2002Modified: Apr 16, 2026

4.6

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 3.9 / Impact: 6.4

Source: NVD

Description

Multiple components in Oracle 9i Application Server (9iAS) are installed with over 160 default usernames and passwords, including (1) SYS, (2) SYSTEM, (3) AQJAVA, (4) OWA, (5) IMAGEUSER, (6) USER1, (7) USER2, (8) PLSQL, (9) DEMO, (10) FINANCE, and many others, which allows attackers to gain privileges.

Affected (1)

Products: Oracle: Application Server

1 product

Application Server

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Oracle Application Server	All versions

References (14)

http://www.kb.cert.org/vuls/id/712723

Source: cve@mitre.org

Third Party AdvisoryUS Government Resource

http://www.nextgenss.com/papers/hpoas.pdf

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/968

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/969

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/970

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/971

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/972

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/712723

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

http://www.nextgenss.com/papers/hpoas.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/968

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/969

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/970

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/971

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/972

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.