CVE-2008-5549

Опубликовано: 12 дек. 2008

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Unspecified vulnerability in the Sun Java Web Console components in Sun Java System Portal Server 7.1 and 7.2 allows remote attackers to access local files and read the product's configuration information via unknown vectors related to "access to secure files by ThemeServlet."

Ссылки

http://secunia.com/advisories/33120
Vendor Advisory
http://securitytracker.com/id?1021380
http://sunsolve.sun.com/search/document.do?assetkey=1-21-124301-12-1
Patch
Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-21-138686-01-1
Patch
Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-243886-1
Vendor Advisory
http://www.securityfocus.com/bid/32770
http://www.vupen.com/english/advisories/2008/3408
https://exchange.xforce.ibmcloud.com/vulnerabilities/47256
http://secunia.com/advisories/33120
Vendor Advisory
http://securitytracker.com/id?1021380
http://sunsolve.sun.com/search/document.do?assetkey=1-21-124301-12-1
Patch
Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-21-138686-01-1
Patch
Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-243886-1
Vendor Advisory
http://www.securityfocus.com/bid/32770
http://www.vupen.com/english/advisories/2008/3408
https://exchange.xforce.ibmcloud.com/vulnerabilities/47256

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:sun:java_system_portal_server:7.1:*:*:*:*:*:*:*

cpe:2.3:a:sun:java_system_portal_server:7.2:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00463

Низкий

5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-w8jw-hp7x-fhp5

github

больше 3 лет назад