CVE-2007-5152

CWE-287Improper Authentication4 documents4 sources
Severity
7.5HIGH
EPSS
2.5%
top 14.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SUN Java System Access ManagerSUN Java System Application Server
Timeline
PublishedOct 1
Latest updateMay 1

Description

Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 9.1 container, does not demand authentication after a container restart, which allows remote attackers to perform administrative tasks.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-3h6p-jvww-q7w3: Sun Java System Access Manager 72022-05-01
CVEList
CVE-2007-5152: Sun Java System Access Manager 72007-10-01

💥Exploits & PoCs

1
Exploit-DB
Furkan Tastan Blog - SQL Injection2007-10-05
CVE-2007-5152 (HIGH CVSS 7.5) | Sun Java System Access Manager 7.1 | cvebase.io