CVE-2007-1526
First published: Tue Mar 20 2007(Updated: )
Sun Java System Web Server 6.1 before 20070314 allows remote authenticated users with revoked client certificates to bypass the Certificate Revocation List (CRL) authorization control and access secure web server instances running under an account different from that used for the admin server via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sun Java System Web Server | =6.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2007-1526?
CVE-2007-1526 is considered a moderate severity vulnerability due to its ability to allow unauthorized access to secure web server instances.
How do authorized users exploit CVE-2007-1526?
Authorized users can exploit CVE-2007-1526 by using revoked client certificates to bypass the Certificate Revocation List controls.
Which versions of Sun Java System Web Server are affected by CVE-2007-1526?
CVE-2007-1526 affects Sun Java System Web Server version 6.1 prior to 20070314.
What are the potential impacts of CVE-2007-1526?
The potential impacts of CVE-2007-1526 include unauthorized access to secure web server instances and compromise of sensitive data.
How can I mitigate CVE-2007-1526?
To mitigate CVE-2007-1526, update Sun Java System Web Server to version 6.1 or later than 20070314.
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/weakness
- agent/author
- agent/severity
- agent/last-modified-date
- agent/references
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/sun
- canonical/sun java system web server
- version/sun java system web server/6.1