The Sun Admin Console in Sun Application Server 9.0_0.1 does not apply certain configuration changes persistently, which causes the (1) SSL and (2) SSL_MutualAuth ORB listener services to enable all protocols and ciphers after the services are restarted, possibly allowing remote malicious users to bypass intended policy.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sun java system application server 9.0_0.1 |