Description
Unspecified vulnerability in the management EJB (MEJB) in Apache Geronimo before 2.0.2 allows remote attackers to bypass authentication and obtain "access to Geronimo internals" via unspecified vectors.
References (8)
Core 8
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/25804
Various Sources x_refsource_confirm
http://geronimo.apache.org/2007/09/07/mejb-security-alert.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27464
Various Sources x_refsource_confirm
http://www-1.ibm.com/support/docview.wss?uid=swg21271586
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1018877
Various Sources x_refsource_misc
https://issues.apache.org/jira/browse/GERONIMO-3456
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26906
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/38661
Scores
EPSS
0.0320
EPSS Percentile
86.5%
Details
CWE
CWE-287
Status
published
Products (2)
apache/geronimo
2.0.1
apache/geronimo
2.1
Published
Sep 26, 2007
Tracked Since
Feb 18, 2026