Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sun java system access manager 7.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-0847
Unspecified vulnerability in the OpenSSO Enterprise and Sun Java System Access Manager components in Oracle Sun Products Suite 7.1 and 8.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Authentication.
Oracle Sun Products Suite 8.0
Oracle Sun Products Suite 7.1
NA
CVE-2011-0844
Unspecified vulnerability in the OpenSSO Enterprise and Sun Java System Access Manager components in Oracle Sun Products Suite 7.1 and 8.0 allows remote malicious users to affect integrity via unknown vectors related to Authentication.
Oracle Sun Products Suite 8.0
Oracle Sun Products Suite 7.1
NA
CVE-2010-4444
Unspecified vulnerability in Oracle Sun Java System Access Manager and Oracle OpenSSO 7, 7.1, and 8 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors.
Sun Java System Access Manager
Oracle Opensso 7.1
Oracle Opensso 7
Oracle Opensso 8
NA
CVE-2010-0894
Unspecified vulnerability in the Sun Java System Access Manager component in Oracle Sun Product Suite 7.1, 7 2005Q4, and OpenSSO Enterprise 8.0 allows remote malicious users to affect confidentiality and integrity via unknown vectors.
Oracle Sun Products Suite 7.1
Oracle Sun Products Suite 7.0
Oracle Opensso Enterprise 8.0
NA
CVE-2009-2712
Sun Java System Access Manager 6.3 2005Q1, 7.0 2005Q4, and 7.1; and OpenSSO Enterprise 8.0; when AMConfig.properties enables the debug flag, allows local users to discover cleartext passwords by reading debug files.
Sun Java System Access Manager 6.3 2005q1
Sun Java System Access Manager 7.1
Sun Java System Access Manager 7 2005q4
Sun Java System Access Manager 7.0 2005q4
Sun Java System Web Server 7.0
Sun Opensso Enterprise 8.0
NA
CVE-2009-2713
The CDCServlet component in Sun Java System Access Manager 7.0 2005Q4 and 7.1, when Cross Domain Single Sign On (CDSSO) is enabled, does not ensure that "policy advice" is presented to the correct client, which allows remote malicious users to obtain sensitive informati...
Sun Java System Access Manager 7 2005q4
Sun Java System Access Manager 7.1
Sun Java System Access Manager 6.3 2005q1
Sun Java System Access Manager 7.0 2005q4
Sun Java System Web Server 7.0
NA
CVE-2009-2268
Cross-site scripting (XSS) vulnerability in the Cross-Domain Controller (CDC) servlet in Sun Java System Access Manager 6 2005Q1, 7 2005Q4, and 7.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Sun Java System Access Manager 7.1
Sun Java System Access Manager 7.0 2005q4
Sun Java System Access Manager 7 2005q4
Sun Java System Access Manager 6
Sun Java System Access Manager 7.0
Sun Java System Access Manager 6.0 2005q1
NA
CVE-2009-1084
Sun Java System Identity Manager (IdM) 7.0 up to and including 8.0 does not properly restrict access to the System Configuration object, which allows remote authenticated administrators and possibly remote malicious users to have an unspecified impact by modifying this object.
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 7.1.1
Sun Java System Identity Manager 8.0
NA
CVE-2009-0348
The login module in Sun Java System Access Manager 6 2005Q1 (aka 6.3), 7 2005Q4 (aka 7.0), and 7.1 responds differently to a failed login attempt depending on whether the user account exists, which allows remote malicious users to enumerate valid usernames.
Sun Java System Access Manager 7 2005q4
Sun Java System Access Manager 7.1
Sun Java System Access Manager 6.3 2005q1
1 EDB exploit
NA
CVE-2009-0169
Sun Java System Access Manager 7.1 allows remote authenticated sub-realm administrators to gain privileges, as demonstrated by creating the amadmin account in the sub-realm, and then logging in as amadmin in the root realm.
Sun Java System Access Manager 7.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »