CVE-2008-2406

CWE-287Improper Authentication3 documents3 sources
Severity
7.5HIGH
EPSS
1.0%
top 23.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SUN Java ASP Server
Timeline
PublishedJun 4
Latest updateMay 1

Description

The administration application server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to bypass authentication via direct requests on TCP port 5102.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDsun/java_asp_server4.0.2+1

🔴Vulnerability Details

2
GHSA
GHSA-4jgq-fhgh-wpfp: The administration application server in Sun Java Active Server Pages (ASP) Server before 42022-05-01
CVEList
CVE-2008-2406: The administration application server in Sun Java Active Server Pages (ASP) Server before 42008-06-04
CVE-2008-2406 (HIGH CVSS 7.5) | The administration application serv | cvebase.io