Описание
Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 9.1 container, does not demand authentication after a container restart, which allows remote attackers to perform administrative tasks.
Ссылки
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sun:java_system_access_manager:7.1:*:hp-ux:*:*:*:*:*
cpe:2.3:a:sun:java_system_access_manager:7.1:*:linux:*:*:*:*:*
cpe:2.3:a:sun:java_system_access_manager:7.1:*:solaris_sparc:*:*:*:*:*
cpe:2.3:a:sun:java_system_access_manager:7.1:*:solaris_x86:*:*:*:*:*
cpe:2.3:a:sun:java_system_access_manager:7.1:*:windows:*:*:*:*:*
cpe:2.3:a:sun:java_system_application_server:9.1:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02353
Низкий
7.5 High
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
почти 4 года назад
Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 9.1 container, does not demand authentication after a container restart, which allows remote attackers to perform administrative tasks.
EPSS
Процентиль: 85%
0.02353
Низкий
7.5 High
CVSS2
Дефекты
CWE-287