Default Account in Oracle Database of Sun Management Center Allows Remote Attacks
CVE-2007-6480

Currently unrated

Key Information:

Vendor: Oracle
Status: Management\+center
Vendor: CVE Published:; 20 December 2007

What is CVE-2007-6480?

The Oracle database component in Sun Management Center versions 3.6.1, 3.6, and 3.5 Update 1 is susceptible to exploitation due to its inclusion of a default account. This configuration flaw permits remote attackers to gain unauthorized access to the database environment, potentially allowing them to execute arbitrary code. Security measures are essential to mitigate the risks associated with this vulnerability.

References

http://secunia.com/advisories/28151

third-party-advisoryx_refsource_SECUNIA

http://www.securitytracker.com/id?1019119

vdb-entryx_refsource_SECTRACK

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 20, 2007
Vulnerability Reserved
Dec 20, 2007