Oracle Default Accounts

This script is Copyright (C) 2006-2017 Tenable Network Security, Inc.

Synopsis :

One or more default accounts have been found in the remote database.

Description :

The remote Oracle database server has one or more default accounts,
possibly from older versions of Oracle or third-party software that
uses Oracle.

An attacker may use these accounts to gain access to the database
and read or possibly even modify it.

See also :

Solution :

If using a third-party product, contact the vendor for an update.

Otherwise, either disable the reported accounts or change the
associated passwords.

Risk factor :

High / CVSS Base Score : 7.5

Family: Databases

Nessus Plugin ID: 22075 ()

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now