CVE-2008-5549

high

Description

Unspecified vulnerability in the Sun Java Web Console components in Sun Java System Portal Server 7.1 and 7.2 allows remote attackers to access local files and read the product's configuration information via unknown vectors related to "access to secure files by ThemeServlet."

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/47256

http://www.vupen.com/english/advisories/2008/3408

http://www.securityfocus.com/bid/32770

http://sunsolve.sun.com/search/document.do?assetkey=1-26-243886-1

http://sunsolve.sun.com/search/document.do?assetkey=1-21-138686-01-1

http://sunsolve.sun.com/search/document.do?assetkey=1-21-124301-12-1

http://securitytracker.com/id?1021380

http://secunia.com/advisories/33120

Details

Source: Mitre, NVD

Published: 2008-12-12

Updated: 2025-04-09

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.00463