CVE-2007-5153

CWE-94 — Code Injection3 documents3 sources

Severity

6.8MEDIUM

EPSS

4.1%

top 11.47%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN Java System Access Manager SUN Java System Application Server

Timeline

PublishedOct 1

Latest updateMay 1

Description

Unspecified vulnerability in Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 8.x container, allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages2 packages

▶NVDsun/java_system_access_manager7.1

▶NVDsun/java_system_application_server8.1, 8.2+1

🔴Vulnerability Details

GHSA

GHSA-vc8h-r7hv-2mvc: Unspecified vulnerability in Sun Java System Access Manager 7↗2022-05-01

▶

CVEList

CVE-2007-5153: Unspecified vulnerability in Sun Java System Access Manager 7↗2007-10-01

▶