Lucene search

[email protected]CVE-2007-1526

HistoryMar 20, 2007 - 8:19 p.m.

CVE-2007-1526

2007-03-2020:19:00

[email protected]

web.nvd.nist.gov

sun java system

web server

security

authentication

crl

authorization control

remote access

6.2 Medium

AI Score

Confidence

Low

6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.5%

JSON

Sun Java System Web Server 6.1 before 20070314 allows remote authenticated users with revoked client certificates to bypass the Certificate Revocation List (CRL) authorization control and access secure web server instances running under an account different from that used for the admin server via unspecified vectors.

Affected configurations

NVD

Node

sunjava_system_web_serverMatch6.1

CPENameOperatorVersion
sun:java_system_web_serversun java system web servereq6.1

CPE	Name	Operator	Version
sun:java_system_web_server	sun java system web server	eq	6.1

References

osvdb.org/34074

secunia.com/advisories/24531

sunsolve.sun.com/search/document.do?assetkey=1-26-102822-1

www.securitytracker.com/id?1017777

www.vupen.com/english/advisories/2007/0958

6.2 Medium

AI Score

Confidence

Low

6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.5%

JSON

Related for CVE-2007-1526

prion1 cvelist1 nvd1 securityvulns1 nessus5