CVE-2002-0562 in Oracle9i
Summary
by MITRE
The default configuration of Oracle 9i Application Server 1.0.2.x running Oracle JSP or SQLJSP stores globals.jsa under the web root, which allows remote attackers to gain sensitive information including usernames and passwords via a direct HTTP request to globals.jsa.
Analysis
by VulDB Data Team • 09/16/2025
The vulnerability described in CVE-2002-0562 is a critical configuration flaw in Oracle 9i Application Server version 1.0.2.x that exposes sensitive runtime information through improper file placement. It affects the Oracle JSP and SQLJSP components, whose globals.jsa file, containing authentication credentials and system information, is stored by default within the web-accessible directory structure. The flaw stems from a default installation configuration that fails to isolate sensitive runtime artifacts from public web access, creating an attack surface that directly exposes confidential data to remote threat actors.
Exploitation is a straightforward direct HTTP request for the globals.jsa file, which the server returns without authentication. The file contains critical system information, including the usernames and passwords the application uses while it runs. The vulnerability is classified under CWE-200, exposure of sensitive information to an unauthorized actor, and is a classic case of insecure configuration management that violates fundamental security principles. Because the attack vector is plain HTTP, anyone with network access to the affected server can exploit it.
The operational impact of this vulnerability extends beyond simple credential theft to encompass potential system compromise and unauthorized access to sensitive business applications. When attackers successfully retrieve the globals.jsa file, they gain access to authentication tokens, database connection strings, and other sensitive runtime parameters that could enable further exploitation. This vulnerability directly impacts the confidentiality and integrity aspects of the CIA triad, as it allows unauthorized information disclosure and potentially provides attackers with the means to escalate privileges or conduct additional attacks against the underlying system infrastructure. The exposure of database credentials in particular could lead to complete database compromise and data exfiltration.
Organizations affected by this vulnerability should implement immediate mitigations: proper file access controls, reconfiguration of the directory structure, and removal of sensitive files from web-accessible locations. The recommended remediation is to move globals.jsa to a secure, non-web-accessible directory and to enforce access controls through the web server configuration files. Security controls should also include regular configuration audits and vulnerability scanning to identify similar misconfigurations. This vulnerability demonstrates the importance of following security best practices such as the principle of least privilege and secure configuration management, as outlined in security frameworks including NIST SP 800-53 and ISO 27001. Organizations should also consider web application firewalls and monitoring solutions to detect and block unauthorized access attempts against sensitive system files.
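As an added example (not part of the VulDB or MITRE text), the following Python script shows the monitoring side of the advice above: it scans web-server access logs for direct requests to globals.jsa and separates requests the server actually served (2xx, i.e. the file was disclosed) from ones a mitigation blocked. It assumes Apache/NCSA Common Log Format; the sample log lines are constructed.

```python
"""Flag direct HTTP requests for globals.jsa in access logs (CVE-2002-0562).

Assumption: Common Log Format lines. Percent-encoding and case differences
are normalized so obfuscated paths still match.
"""
import re
from typing import NamedTuple
from urllib.parse import unquote

# Constructed sample access-log lines; not real traffic.
SAMPLE_LOG = """\
192.0.2.10 - - [16/Sep/2025:10:00:01 +0000] "GET /index.jsp HTTP/1.1" 200 512
192.0.2.11 - - [16/Sep/2025:10:00:02 +0000] "GET /globals.jsa HTTP/1.1" 200 1834
192.0.2.12 - - [16/Sep/2025:10:00:03 +0000] "GET /demo/GLOBALS.JSA HTTP/1.1" 200 1834
192.0.2.13 - - [16/Sep/2025:10:00:04 +0000] "GET /demo/%67lobals.jsa HTTP/1.1" 200 1834
192.0.2.14 - - [16/Sep/2025:10:00:05 +0000] "GET /globals.jsa HTTP/1.1" 403 199
"""

CLF = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)


class Hit(NamedTuple):
    ip: str
    path: str      # path exactly as requested
    status: int
    served: bool   # True when the server returned 2xx (file disclosed)


def normalize(path: str) -> str:
    """Drop the query string, decode percent-encoding twice, lower-case."""
    path = path.split("?", 1)[0]
    for _ in range(2):          # second pass catches double encoding
        path = unquote(path)
    return path.lower()


def scan_log(text: str, filename: str = "globals.jsa") -> list:
    """Return one Hit per request whose normalized basename is `filename`."""
    hits = []
    for line in text.splitlines():
        m = CLF.match(line)
        if not m:
            continue                      # skip lines that are not CLF
        if normalize(m["path"]).rsplit("/", 1)[-1] == filename:
            status = int(m["status"])
            hits.append(Hit(m["ip"], m["path"], status, 200 <= status < 300))
    return hits


if __name__ == "__main__":
    for h in scan_log(SAMPLE_LOG):
        print(("DISCLOSED" if h.served else "blocked  "), h.ip, h.path, h.status)
```

Served hits are the ones that warrant credential rotation and an incident review; blocked hits confirm the web server rule is working.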