CVE-2007-5152

SUN Java System Access Manager - Authentication Bypass

Title source: rule

Description

Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 9.1 container, does not demand authentication after a container restart, which allows remote attackers to perform administrative tasks.

References (8)

Scores

EPSS 0.0235
EPSS Percentile 84.7%

Classification

CWE
CWE-287
Status draft

Affected Products (6)

sun/java_system_access_manager
sun/java_system_access_manager
sun/java_system_access_manager
sun/java_system_access_manager
sun/java_system_access_manager
sun/java_system_application_server

Timeline

Published Oct 01, 2007
Tracked Since Feb 18, 2026