Advertisement






Oracle E-Business Suite Default credentials vulnerability

CVE Category Price Severity
CVE-2020-2857 CWE-16 $5000 Critical
Author Risk Exploitation Type Date
Unknown High Remote 2020-03-21
CPE
cpe:cpe:/a:oracle:e-business_suite
CVSS EPSS EPSSP
CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 0.03 0.88

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2020030106

Below is a copy:

Oracle E-Business Suite Default credentials vulnerability
Oracle E-Business Suite has a default credentials vulnerability that allows you to login as system administration and a possibility to access sensitive data.

Dork : inurl:/OA_HTML/RF.jsp

[+] Username : op_sysadmin
[+] Password  : op_sysadmin


Tested on versions from 2006-2014 

Example : 

ebs.eprocurement.gov.gr

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.