Lucene search

[email protected]CVE-2007-5152

HistoryOct 01, 2007 - 5:17 a.m.

CVE-2007-5152

2007-10-0105:17:00

CWE-287

[email protected]

web.nvd.nist.gov

cve-2007-5152

sun java system access manager

authentication bypass

remote attack

nvd

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.022 Low

EPSS

Percentile

89.3%

JSON

Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 9.1 container, does not demand authentication after a container restart, which allows remote attackers to perform administrative tasks.

CPENameOperatorVersion
sun:java_system_access_managersun java system access managereq7.1
sun:java_system_application_serversun java system application servereq9.1

CPE	Name	Operator	Version
sun:java_system_access_manager	sun java system access manager	eq	7.1
sun:java_system_application_server	sun java system application server	eq	9.1

References

osvdb.org/37758

secunia.com/advisories/26976

sunsolve.sun.com/search/document.do?assetkey=1-26-103069-1

sunsolve.sun.com/search/document.do?assetkey=1-66-200839-1

www.securityfocus.com/bid/25842

www.securitytracker.com/id?1018753

www.vupen.com/english/advisories/2007/3282

exchange.xforce.ibmcloud.com/vulnerabilities/36846

Social References

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.022 Low

EPSS

Percentile

89.3%

JSON

Related for CVE-2007-5152

prion1 cvelist1