Remote Command Execution in Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager
CVE-2007-5717

Currently unrated

Key Information:

Vendor: Oracle
Status: Embedded Lights Out Manager
Vendor: CVE Published:; 30 October 2007

What is CVE-2007-5717?

A vulnerability exists in the Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager (ELOM) that allows remote attackers to gain root access to the Service Processor (SP). This is achieved through unspecified vectors, which can lead to arbitrary command execution. The issue is distinct from other known vulnerabilities, specifically CVE-2007-5170. Affected firmware versions prior to 2.70 are susceptible, emphasizing the need for organizations to review their systems and apply appropriate patches to mitigate potential attacks.

References

http://www.vupen.com/english/advisories/2007/3652

vdb-entryx_refsource_VUPEN

http://osvdb.org/40835

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/bid/26250

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 30, 2007
Vulnerability Reserved
Oct 30, 2007

Oracle

What is CVE-2007-5717?

References

Timeline