Lucene search

[email protected]NVD:CVE-2007-3700

HistoryJul 11, 2007 - 11:30 p.m.

CVE-2007-3700

2007-07-1123:30:00

[email protected]

web.nvd.nist.gov

1.7 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:S/C:P/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

13.4%

JSON

Sun Java System Access Manager (formerly Java System Identity Server) before 20070710, when the message debug level is configured in the com.iplanet.services.debug.level property in AMConfig.properties, logs cleartext login passwords, which allows local users to gain privileges by reading /var/opt/SUNWam/debug/amAuth.

Affected configurations

NVD

Node

sunjava_system_access_manager

References

osvdb.org/37249

secunia.com/advisories/26030

sunsolve.sun.com/search/document.do?assetkey=1-26-101918-1

sunsolve.sun.com/search/document.do?assetkey=1-66-200386-1

www.securityfocus.com/bid/24859

www.securitytracker.com/id?1018370

www.vupen.com/english/advisories/2007/2496

exchange.xforce.ibmcloud.com/vulnerabilities/35339

1.7 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:S/C:P/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

13.4%

JSON

Related for NVD:CVE-2007-3700

cvelist1 prion1 cve1 nessus8