Java System Access Manager Security Vulnerabilities and Issues — Java System Access Manager CVE List

Lucene search

SunJava System Access Manager

2 matches found

CVE•added 2009/07/01 1:0 p.m.•51 views

CVE-2009-2268

Cross-site scripting (XSS) vulnerability in the Cross-Domain Controller (CDC) servlet in Sun Java System Access Manager 6 2005Q1, 7 2005Q4, and 7.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

2.6CVSS5.5AI score0.00245EPSS

CVE•added 2009/08/07 7:0 p.m.•46 views

CVE-2009-2712

Sun Java System Access Manager 6.3 2005Q1, 7.0 2005Q4, and 7.1; and OpenSSO Enterprise 8.0; when AMConfig.properties enables the debug flag, allows local users to discover cleartext passwords by reading debug files.

2.1CVSS6AI score0.00057EPSS