Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sun java system access manager 7.1 vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2008-2705
Unspecified vulnerability in Sun Java System Access Manager (AM) 7.1, when used with certain versions and configurations of Sun Directory Server Enterprise Edition (DSEE), allows remote malicious users to bypass authentication via unspecified vectors.
Sun Java System Access Manager 7.1
801
VMScore
CVE-2009-0169
Sun Java System Access Manager 7.1 allows remote authenticated sub-realm administrators to gain privileges, as demonstrated by creating the amadmin account in the sub-realm, and then logging in as amadmin in the root realm.
Sun Java System Access Manager 7.1
668
VMScore
CVE-2008-2945
Sun Java System Access Manager 6.3 up to and including 7.1 and Sun Java System Identity Server 6.1 and 6.2 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent malicious users to execute arbitrary code via a crafted stylesh...
Sun Java System Access Manager 7.0
Sun Java System Access Manager 7.1
Sun Java System Identity Server 6.1
Sun Java System Identity Server 6.2
Sun Java System Access Manager 6.3
668
VMScore
CVE-2007-5152
Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 9.1 container, does not demand authentication after a container restart, which allows remote malicious users to perform administrative tasks.
Sun Java System Access Manager 7.1
Sun Java System Application Server 9.1
605
VMScore
CVE-2010-4444
Unspecified vulnerability in Oracle Sun Java System Access Manager and Oracle OpenSSO 7, 7.1, and 8 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors.
Sun Java System Access Manager
Oracle Opensso 7.1
Oracle Opensso 7
Oracle Opensso 8
605
VMScore
CVE-2007-5153
Unspecified vulnerability in Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 8.x container, allows remote malicious users to execute arbitrary code via unspecified vectors.
Sun Java System Application Server 8.1
Sun Java System Application Server 8.2
Sun Java System Access Manager 7.1
570
VMScore
CVE-2009-1084
Sun Java System Identity Manager (IdM) 7.0 up to and including 8.0 does not properly restrict access to the System Configuration object, which allows remote authenticated administrators and possibly remote malicious users to have an unspecified impact by modifying this object.
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 7.1.1
Sun Java System Identity Manager 8.0
534
VMScore
CVE-2009-0170
Sun Java System Access Manager 6.3 2005Q1, 7 2005Q4, and 7.1 allows remote authenticated users with console privileges to discover passwords, and obtain unspecified other "access to resources," by visiting the Configuration Items component in the console.
Sun Java System Access Manager 7.1
Sun Java System Access Manager 7.0 2005q4
Sun Java System Access Manager 6.3
516
VMScore
CVE-2010-0894
Unspecified vulnerability in the Sun Java System Access Manager component in Oracle Sun Product Suite 7.1, 7 2005Q4, and OpenSSO Enterprise 8.0 allows remote malicious users to affect confidentiality and integrity via unknown vectors.
Oracle Sun Products Suite 7.1
Oracle Sun Products Suite 7.0
Oracle Opensso Enterprise 8.0
505
VMScore
CVE-2009-0348
The login module in Sun Java System Access Manager 6 2005Q1 (aka 6.3), 7 2005Q4 (aka 7.0), and 7.1 responds differently to a failed login attempt depending on whether the user account exists, which allows remote malicious users to enumerate valid usernames.
Sun Java System Access Manager 7 2005q4
Sun Java System Access Manager 7.1
Sun Java System Access Manager 6.3 2005q1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »