Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2008-5549


Unspecified vulnerability in the Sun Java Web Console components in Sun Java System Portal Server 7.1 and 7.2 allows remote attackers to access local files and read the product's configuration information via unknown vectors related to "access to secure files by ThemeServlet."


Published

2008-12-12T18:30:03.233

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.0 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: NONE
  • Availability Impact: NONE
Exploitability Score

10.0

Impact Score

2.9

Weaknesses
  • Type: Primary
    CWE-264
    NVD-CWE-noinfo

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application sun java_system_portal_server 7.1 Yes
Application sun java_system_portal_server 7.2 Yes

References