HIGH🇬🇧 English

CVE-2007-5152

CVSS 7.5v2.0pub. 2007-10-01upd. 2026-04-23

Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 9.1 container, does not demand authentication after a container restart, which allows remote attackers to perform administrative tasks.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
  • Sun Java System Access Manager

    APP
    Sun
    7.1
  • Sun Java System Application Server

    APP
    Sun
    9.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
ContainerAuth Bypass
CWE
Referencje

Powiązane podatności

CVE-2011-0807HIGH10.0ten sam produkt

Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server 2.1, 2.1.1, and 3.0.1, and Sun Java System...

CVE-2010-0386HIGH8.1ten sam produkt

The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, ...

CVE-2009-0169HIGH9.0ten sam produkt

Sun Java System Access Manager 7.1 allows remote authenticated sub-realm administrators to gain privileges, as...

CVE-2008-2945HIGH7.5ten sam produkt

Sun Java System Access Manager 6.3 through 7.1 and Sun Java System Identity Server 6.1 and 6.2 do not properly...

CVE-2008-2705HIGH9.3ten sam produkt

Unspecified vulnerability in Sun Java System Access Manager (AM) 7.1, when used with certain versions and conf...