CVE-2007-5085

Apache Geronimo - Authentication Bypass in Management EJB

Title source: llm
STIX 2.1

Description

Unspecified vulnerability in the management EJB (MEJB) in Apache Geronimo before 2.0.2 allows remote attackers to bypass authentication and obtain "access to Geronimo internals" via unspecified vectors.

References (8)

Core 8
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/25804
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27464
Various Sources x_refsource_confirm
http://www-1.ibm.com/support/docview.wss?uid=swg21271586
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1018877
Various Sources x_refsource_misc
https://issues.apache.org/jira/browse/GERONIMO-3456
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26906
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/38661

Scores

EPSS 0.0320
EPSS Percentile 86.5%

Details

CWE
CWE-287
Status published
Products (2)
apache/geronimo 2.0.1
apache/geronimo 2.1
Published Sep 26, 2007
Tracked Since Feb 18, 2026