[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2009-0169Date: (C)2009-01-16   (M)2023-12-22


Sun Java System Access Manager 7.1 allows remote authenticated sub-realm administrators to gain privileges, as demonstrated by creating the amadmin account in the sub-realm, and then logging in as amadmin in the root realm.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.0
Exploit Score: 8.0
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1021604
SUNALERT-249106
BID-33266
ADV-2009-0157
http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-02-1
sun-jsam-subrealm-privilege-escalation(47944)

CWE    1
CWE-264

© SecPod Technologies