Java System Access Manager@7 2005q4 Security Vulnerabilities and Issues — Java System Access Manager@7 2005q4 CVE List

SunJava System Access Manager7 2005q4

4 matches found

CVE•added 2009/08/07 6:33 p.m.•75 views

CVE-2009-2713

Sun Java System Access Manager 7.0 (2005Q4) and 7.1 with Cross Domain Single Sign On enabled is affected by CVE-2009-2713. The issue is that the CDCServlet component does not ensure policy advice is presented to the correct client, enabling potential information disclosure via unspecified vectors...

4.3CVSS5.9AI score0.0171EPSS

CVE•added 2009/08/07 6:33 p.m.•65 views

CVE-2009-2712

CVE-2009-2712 affects Sun Java System Access Manager (6.3/2005Q1, 7.0/2005Q4, 7.1) and OpenSSO/OpenSSO Enterprise 8.0. When AMConfig.properties enables the debug flag, local users can read debug files and discover cleartext passwords (information disclosure; confidentiality impact). Patch referen...

2.1CVSS6AI score0.0037EPSS

CVE•added 2009/01/29 7:0 p.m.•62 views

CVE-2009-0348

CVE-2009-0348 affects Sun Java System Access Manager: login module responsiveness difference during failed logins allows remote username enumeration. Versions implicated: 6 2005Q1 (aka 6.3), 7 2005Q4 (aka 7.0), and 7.1. The description does not specify an exploit or affected patch level beyond th...

5CVSS6.4AI score0.08162EPSS

CVE•added 2009/07/01 12:26 p.m.•62 views

CVE-2009-2268

CVE-2009-2268 affects Sun Java System Access Manager 6 2005Q1, 7 2005Q4, and 7.1 where the Cross-Domain Controller (CDC) servlet is vulnerable to cross‑site scripting via unspecified vectors. The issue is evidenced in Nessus/Solaris patches that reference CVE-2009-2268 among related fixes (e.g., ...

2.6CVSS5.5AI score0.01648EPSS