Code injection

2009-08-0719:00:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

13.4%

JSON

Sun Java System Access Manager 6.3 2005Q1, 7.0 2005Q4, and 7.1; and OpenSSO Enterprise 8.0; when AMConfig.properties enables the debug flag, allows local users to discover cleartext passwords by reading debug files.

CPENameOperatorVersion
java_system_access_managereq6.32005q1 solaris8sparc
java_system_access_managereq7.1 solaris10sparc
java_system_access_managereq7.1 solaris9sparc
java_system_access_managereq72005q4 solaris10sparc
java_system_access_managereq7.1 solaris8sparc
java_system_access_managereq6.32005q1 solaris10sparc
java_system_access_managereq6.32005q1 solaris9sparc
java_system_access_managereq72005q4 solaris9sparc
java_system_access_managereq72005q4 solaris8sparc
java_system_access_managereq6.32005q1 solaris8x86

Name	Operator	Version
java_system_access_manager	eq	6.32005q1 solaris8sparc
java_system_access_manager	eq	7.1 solaris10sparc
java_system_access_manager	eq	7.1 solaris9sparc
java_system_access_manager	eq	72005q4 solaris10sparc
java_system_access_manager	eq	7.1 solaris8sparc
java_system_access_manager	eq	6.32005q1 solaris10sparc
java_system_access_manager	eq	6.32005q1 solaris9sparc
java_system_access_manager	eq	72005q4 solaris9sparc
java_system_access_manager	eq	72005q4 solaris8sparc
java_system_access_manager	eq	6.32005q1 solaris8x86