{"api_version":"1","generated_at":"2026-06-03T21:22:35+00:00","cve":"CVE-2007-5170","urls":{"html":"https://cve.report/CVE-2007-5170","api":"https://cve.report/api/cve/CVE-2007-5170.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2007-5170","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2007-5170"},"summary":{"title":"CVE-2007-5170","description":"Unspecified vulnerability in the embedded service processor (SP) before 3.09 in Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager (ELOM) allows remote attackers to send arbitrary network traffic and use ELOM as a spam proxy.","state":"PUBLISHED","assigner":"mitre","published_at":"2007-10-01 20:17:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["CWE-264","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"5","severity":"","vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"}}],"references":[{"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102942-1","name":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102942-1","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"http://securitytracker.com/id?1018756","name":"http://securitytracker.com/id?1018756","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Sun Fire Server Embedded Lights Out Manager Software Lets Remote Users Send SPAM via the System - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-200051-1","name":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-200051-1","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"http://osvdb.org/40832","name":"http://osvdb.org/40832","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://www.vupen.com/english/advisories/2007/3306","name":"http://www.vupen.com/english/advisories/2007/3306","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/36873","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/36873","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/25863","name":"http://www.securityfocus.com/bid/25863","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Sun Fire X2100 M2 And X2200 M2 ELOM Unauthorized Access Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://secunia.com/advisories/27027","name":"http://secunia.com/advisories/27027","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Sun Fire X2100 / X2200 Embedded Lights Out Manager Security Bypass - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2007-5170","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-5170","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2007","cve_id":"5170","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"sun","cpe5":"embedded_lights_out_manager","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5170","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"sun","cpe5":"sun_fire","cpe6":"x2100m2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5170","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"sun","cpe5":"sun_fire","cpe6":"x2200m2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T15:24:41.768Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"102942","tags":["vendor-advisory","x_refsource_SUNALERT","x_transferred"],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102942-1"},{"name":"40832","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/40832"},{"name":"27027","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/27027"},{"name":"1018756","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1018756"},{"name":"200051","tags":["vendor-advisory","x_refsource_SUNALERT","x_transferred"],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-200051-1"},{"name":"sunfire-elom-unauthorized-access(36873)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/36873"},{"name":"25863","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/25863"},{"name":"ADV-2007-3306","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2007/3306"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2007-09-28T00:00:00.000Z","descriptions":[{"lang":"en","value":"Unspecified vulnerability in the embedded service processor (SP) before 3.09 in Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager (ELOM) allows remote attackers to send arbitrary network traffic and use ELOM as a spam proxy."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-28T12:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"102942","tags":["vendor-advisory","x_refsource_SUNALERT"],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102942-1"},{"name":"40832","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/40832"},{"name":"27027","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/27027"},{"name":"1018756","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1018756"},{"name":"200051","tags":["vendor-advisory","x_refsource_SUNALERT"],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-200051-1"},{"name":"sunfire-elom-unauthorized-access(36873)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/36873"},{"name":"25863","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/25863"},{"name":"ADV-2007-3306","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2007/3306"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2007-5170","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Unspecified vulnerability in the embedded service processor (SP) before 3.09 in Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager (ELOM) allows remote attackers to send arbitrary network traffic and use ELOM as a spam proxy."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"102942","refsource":"SUNALERT","url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102942-1"},{"name":"40832","refsource":"OSVDB","url":"http://osvdb.org/40832"},{"name":"27027","refsource":"SECUNIA","url":"http://secunia.com/advisories/27027"},{"name":"1018756","refsource":"SECTRACK","url":"http://securitytracker.com/id?1018756"},{"name":"200051","refsource":"SUNALERT","url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-200051-1"},{"name":"sunfire-elom-unauthorized-access(36873)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/36873"},{"name":"25863","refsource":"BID","url":"http://www.securityfocus.com/bid/25863"},{"name":"ADV-2007-3306","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/3306"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2007-5170","datePublished":"2007-10-01T20:00:00.000Z","dateReserved":"2007-10-01T00:00:00.000Z","dateUpdated":"2024-08-07T15:24:41.768Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2007-10-01 20:17:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["CWE-264","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sun:sun_fire:x2100m2:*:*:*:*:*:*:*","matchCriteriaId":"DA69C4D2-EDA8-4976-BC6C-D9AAF1454276"},{"vulnerable":false,"criteria":"cpe:2.3:h:sun:sun_fire:x2200m2:*:*:*:*:*:*:*","matchCriteriaId":"124B9977-92A7-4CF3-BD97-21BC912C8369"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sun:embedded_lights_out_manager:*:*:*:*:*:*:*:*","matchCriteriaId":"B045B405-298A-4F6C-89B7-82CC44FA87DE"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2007","CveId":"5170","Ordinal":"1","Title":"CVE-2007-5170","CVE":"CVE-2007-5170","Year":"2007"},"notes":[{"CveYear":"2007","CveId":"5170","Ordinal":"1","NoteData":"Unspecified vulnerability in the embedded service processor (SP) before 3.09 in Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager (ELOM) allows remote attackers to send arbitrary network traffic and use ELOM as a spam proxy.","Type":"Description","Title":"CVE-2007-5170"},{"CveYear":"2007","CveId":"5170","Ordinal":"2","NoteData":"2007-10-01","Type":"Other","Title":"Published"},{"CveYear":"2007","CveId":"5170","Ordinal":"3","NoteData":"2017-07-28","Type":"Other","Title":"Modified"}]}}}