Lucene search

[email protected]CVE-2007-4511

HistoryAug 23, 2007 - 7:17 p.m.

CVE-2007-4511

2007-08-2319:17:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

sun application server

admin console

ssl

vulnerability

nvd

cve-2007-4511

7.5 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.083 Low

EPSS

Percentile

94.4%

JSON

The Sun Admin Console in Sun Application Server 9.0_0.1 does not apply certain configuration changes persistently, which causes the (1) SSL and (2) SSL_MutualAuth ORB listener services to enable all protocols and ciphers after the services are restarted, possibly allowing remote attackers to bypass intended policy.

CPENameOperatorVersion
sun:java_system_application_serversun java system application servereq9.0_0.1

CPE	Name	Operator	Version
sun:java_system_application_server	sun java system application server	eq	9.0_0.1

References

osvdb.org/45828

www.securityfocus.com/archive/1/477315/100/0/threaded

www.securityfocus.com/bid/25400

exchange.xforce.ibmcloud.com/vulnerabilities/36169

7.5 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.083 Low

EPSS

Percentile

94.4%

JSON

Related for CVE-2007-4511

prion1 cvelist1