Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0170

Overview

Vulnerability Score 6.0 6.0
CVE Id CVE-2009-0170
Last Modified 07 Mar 2011 10:18:01
Published 16 Jan 2009 04:30:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2009-0170

Summary

Sun Java System Access Manager 6.3 2005Q1, 7 2005Q4, and 7.1 allows remote authenticated users with console privileges to discover passwords, and obtain unspecified other "access to resources," by visiting the Configuration Items component in the console.

Vulnerable Systems

Application

  • Sun Java System Access Manager 6.3 2005q4

  • Sun Java System Access Manager 7.0 2005q4

  • Sun Java System Access Manager 7.1


References

BID - 33265

SUNALERT - 242166

CONFIRM - http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-02-1

XF - sun-jsam-password-info-disclosure(47942)

VUPEN - ADV-2009-0156

SECTRACK - 1021605


Last Updated: 27 May 2016 10:50:08