Vulnerabilities > CVE-2007-4511 - Unspecified vulnerability in SUN Java System Application Server 9.00.1

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

sun

NVD

Published: 2007-08-23

Updated: 2018-10-15

Summary

The Sun Admin Console in Sun Application Server 9.0_0.1 does not apply certain configuration changes persistently, which causes the (1) SSL and (2) SSL_MutualAuth ORB listener services to enable all protocols and ciphers after the services are restarted, possibly allowing remote attackers to bypass intended policy.

Vulnerable Configurations

Part	Description	Count
Application	Sun SUN Java System Application Server 9.0_0.1	1

References

http://osvdb.org/45828
http://www.securityfocus.com/archive/1/477315/100/0/threaded
http://www.securityfocus.com/bid/25400
https://exchange.xforce.ibmcloud.com/vulnerabilities/36169