Authorization Bypass in Sun Java System Access Manager 7.1
CVE-2007-5152
Currently unrated
Key Information:
- Vendor: Oracle
- CVE Published: 1 October 2007
Summary
Sun Java System Access Manager 7.1, when deployed within Sun Java System Application Server 9.1, does not require authentication after a container restart. This allows remote attackers to gain unauthorized access and perform administrative tasks without proper credentials, with potentially severe security implications.