Lucene search
K
SunJava System Access Manager

6 matches found

CVE
CVE
added 2009/08/07 6:33 p.m.76 views

CVE-2009-2713

Sun Java System Access Manager 7.0 (2005Q4) and 7.1 with Cross Domain Single Sign On enabled is affected by CVE-2009-2713. The issue is that the CDCServlet component does not ensure policy advice is presented to the correct client, enabling potential information disclosure via unspecified vectors...

4.3CVSS5.9AI score0.0171EPSS
CVE
CVE
added 2009/08/07 6:33 p.m.70 views

CVE-2009-2712

CVE-2009-2712 affects Sun Java System Access Manager (6.3/2005Q1, 7.0/2005Q4, 7.1) and OpenSSO/OpenSSO Enterprise 8.0. When AMConfig.properties enables the debug flag, local users can read debug files and discover cleartext passwords (information disclosure; confidentiality impact). Patch referen...

2.1CVSS6AI score0.0037EPSS
CVE
CVE
added 2009/01/29 7:0 p.m.63 views

CVE-2009-0348

CVE-2009-0348 affects Sun Java System Access Manager: login module responsiveness difference during failed logins allows remote username enumeration. Versions implicated: 6 2005Q1 (aka 6.3), 7 2005Q4 (aka 7.0), and 7.1. The description does not specify an exploit or affected patch level beyond th...

5CVSS6.4AI score0.08162EPSS
CVE
CVE
added 2009/07/01 12:26 p.m.63 views

CVE-2009-2268

CVE-2009-2268 affects Sun Java System Access Manager 6 2005Q1, 7 2005Q4, and 7.1 where the Cross-Domain Controller (CDC) servlet is vulnerable to cross‑site scripting via unspecified vectors. The issue is evidenced in Nessus/Solaris patches that reference CVE-2009-2268 among related fixes (e.g., ...

2.6CVSS5.5AI score0.01648EPSS
CVE
CVE
added 2009/01/16 9:0 p.m.50 views

CVE-2009-0170

Technical details about CVE-2009-0170 are not publicly available in the provided connected documents. Monitor for updates from vendors and advisories to determine affected products, impact, and fixes.

6CVSS6.2AI score0.01672EPSS
CVE
CVE
added 2009/01/16 9:0 p.m.48 views

CVE-2009-0169

CVE-2009-0169 affects Sun Java System Access Manager 7.1. The vulnerability allows a remote authenticated sub-realm administrator to escalate privileges by creating the amadmin account in the sub-realm and then logging in as amadmin in the root realm. The available data confirms an in-realm privi...

9CVSS6.8AI score0.02983EPSS