Unrated severityNVD Advisory· Published Oct 1, 2007· Updated Apr 23, 2026

CVE-2007-5152

Description

Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 9.1 container, does not demand authentication after a container restart, which allows remote attackers to perform administrative tasks.

Affected products

Sun Corporation/Java System Access Manager5 versions
cpe:2.3:a:sun:java_system_access_manager:7.1:*:hp-ux:*:*:*:*:*+ 4 more
- cpe:2.3:a:sun:java_system_access_manager:7.1:*:hp-ux:*:*:*:*:*
- cpe:2.3:a:sun:java_system_access_manager:7.1:*:linux:*:*:*:*:*
- cpe:2.3:a:sun:java_system_access_manager:7.1:*:solaris_sparc:*:*:*:*:*
- cpe:2.3:a:sun:java_system_access_manager:7.1:*:solaris_x86:*:*:*:*:*
- cpe:2.3:a:sun:java_system_access_manager:7.1:*:windows:*:*:*:*:*
Sun Corporation/Java System Application Server
cpe:2.3:a:sun:java_system_application_server:9.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000