Lucene search

K
cve[email protected]CVE-2009-1083
HistoryOct 03, 2022 - 4:23 p.m.

CVE-2009-1083

2022-10-0316:23:58
CWE-94
web.nvd.nist.gov
19
java
identity manager
cve-2009-1083
security
remote execution

7.8 High

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

80.6%

Sun Java System Identity Manager (IdM) 7.0 through 8.0 on Linux, AIX, Solaris, and HP-UX permits “control characters” in the passwords of user accounts, which allows remote attackers to execute arbitrary commands via vectors involving “resource adapters.”

Affected configurations

NVD
Node
sunjava_system_identity_managerMatch7.0
OR
sunjava_system_identity_managerMatch7.1
OR
sunjava_system_identity_managerMatch7.1.1
OR
sunjava_system_identity_managerMatch8.0

7.8 High

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

80.6%

Related for CVE-2009-1083