HIGH🇬🇧 English

CVE-2009-0169

CVSS 9.0v2.0pub. 2009-01-16upd. 2026-04-23

Sun Java System Access Manager 7.1 allows remote authenticated sub-realm administrators to gain privileges, as demonstrated by creating the amadmin account in the sub-realm, and then logging in as amadmin in the root realm.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:S/C:C/I:C/A:C
  • Sun Java System Access Manager

    APP
    Sun
    7.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2008-2945HIGH7.5ten sam produkt

Sun Java System Access Manager 6.3 through 7.1 and Sun Java System Identity Server 6.1 and 6.2 do not properly...

CVE-2008-2705HIGH9.3ten sam produkt

Unspecified vulnerability in Sun Java System Access Manager (AM) 7.1, when used with certain versions and conf...

CVE-2007-5152HIGH7.5ten sam produkt

Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 9.1 container, does...

CVE-2006-0531HIGH7.2ten sam produkt

Unspecified vulnerability in Sun Java System Access Manager 7.0 allows local users logged in as "root" to bypa...

CVE-2010-4444MEDIUM6.8ten sam produkt

Unspecified vulnerability in Oracle Sun Java System Access Manager and Oracle OpenSSO 7, 7.1, and 8 allows rem...