Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 9.1 container, does not demand authentication after a container restart, which allows remote attackers to perform administrative tasks.
AV:N/AC:L/Au:N/C:P/I:P/A:PSun Java System Access Manager
APPSun7.1Sun Java System Application Server
APPSun9.1
Related vulnerabilities
Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server 2.1, 2.1.1, and 3.0.1, and Sun Java System...
The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, ...
Sun Java System Access Manager 7.1 allows remote authenticated sub-realm administrators to gain privileges, as...
Sun Java System Access Manager 6.3 through 7.1 and Sun Java System Identity Server 6.1 and 6.2 do not properly...
Unspecified vulnerability in Sun Java System Access Manager (AM) 7.1, when used with certain versions and conf...