Authentication Bypass in Apache Geronimo Management EJB
CVE-2007-5085

Currently unrated

Key Information:

Vendor: Apache
Status: Geronimo
Vendor: CVE Published:; 26 September 2007

Summary

An unspecified vulnerability exists in the management EJB (MEJB) of Apache Geronimo versions prior to 2.0.2. This flaw allows remote attackers to bypass authentication measures and gain unauthorized access to Geronimo's internal functionalities. The exact vectors through which this access is granted remain unspecified, posing a significant risk to the integrity and confidentiality of applications deployed on the affected versions.

References

http://www.securityfocus.com/bid/25804

vdb-entryx_refsource_BID

http://geronimo.apache.org/2007/09/07/mejb-security-alert...

x_refsource_CONFIRM

http://secunia.com/advisories/27464

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Sep 26, 2007
Vulnerability Reserved
Sep 25, 2007