Configuration Weakness in Sun Application Server 9.0 Admin Console
CVE-2007-4511

Currently unrated

Key Information:

Vendor
Oracle
Vendor
CVE Published:
23 August 2007

Summary

The Sun Admin Console in Sun Application Server 9.0_0.1 has a vulnerability that prevents certain configuration changes from being applied persistently. This results in the SSL and SSL_MutualAuth ORB listener services reverting to insecure defaults after a restart. Consequently, this may enable unauthorized remote attackers to exploit flexible SSL configurations, leading to potential circumvention of established security policies.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.