Lucene search

PRIOn knowledge basePRION:CVE-2008-2406

HistoryJun 04, 2008 - 8:32 p.m.

Authentication flaw

2008-06-0420:32:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.018 Low

EPSS

Percentile

88.3%

JSON

The administration application server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to bypass authentication via direct requests on TCP port 5102.

CPENameOperatorVersion
java_asp_serverle4.0.2
java_asp_servereq4.0

CPE	Name	Operator	Version
	java_asp_server	le	4.0.2
	java_asp_server	eq	4.0

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=710

secunia.com/advisories/30523

sunsolve.sun.com/search/document.do?assetkey=1-66-238184-1

www.securityfocus.com/bid/29539

www.securitytracker.com/id?1020191

www.vupen.com/english/advisories/2008/1742/references

exchange.xforce.ibmcloud.com/vulnerabilities/42833

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.018 Low

EPSS

Percentile

88.3%

JSON

Related for PRION:CVE-2008-2406