CVE-2001-1371 — HIGH severity vulnerability (The default configuration of Oracle Application Server 9iAS)
The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymous users to deploy applications by default via urn:soap-service-manager and urn:soap-provider-manager.
| CVE ID | CVE-2001-1371 |
|---|---|
| Severity | HIGH |
| CVSS score | 7.5 |
| CVSS vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| CWE | CWE-264, NVD-CWE-noinfo |
| Status | Modified |
| Published | 2002-02-06 |
| Last modified | 2026-04-16 |
| Description | The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymous users to deploy applications by default via urn:soap-service-manager and urn:soap-provider-manager. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →