Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0169

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2009-0169
Last Modified 07 Mar 2011 10:18:01
Published 16 Jan 2009 04:30:03
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2009-0169

Summary

Sun Java System Access Manager 7.1 allows remote authenticated sub-realm administrators to gain privileges, as demonstrated by creating the amadmin account in the sub-realm, and then logging in as amadmin in the root realm.

Vulnerable Systems

Application

  • Sun Java System Access Manager 7.1


References

BID - 33266

CONFIRM - http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-02-1

XF - sun-jsam-subrealm-privilege-escalation(47944)

VUPEN - ADV-2009-0157

SECTRACK - 1021604

SUNALERT - 249106


Last Updated: 27 May 2016 11:03:46