Описание
Sun Java System Access Manager 7.1 allows remote authenticated sub-realm administrators to gain privileges, as demonstrated by creating the amadmin account in the sub-realm, and then logging in as amadmin in the root realm.
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- Patch
- PatchVendor Advisory
- Vendor Advisory
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sun:java_system_access_manager:7.1:*:linux:*:*:*:*:*
cpe:2.3:a:sun:java_system_access_manager:7.1:*:solaris_sparc:*:*:*:*:*
cpe:2.3:a:sun:java_system_access_manager:7.1:*:solaris_x86:*:*:*:*:*
cpe:2.3:a:sun:java_system_access_manager:7.1:*:windows:*:*:*:*:*
EPSS
Процентиль: 80%
0.01436
Низкий
9 Critical
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
Sun Java System Access Manager 7.1 allows remote authenticated sub-realm administrators to gain privileges, as demonstrated by creating the amadmin account in the sub-realm, and then logging in as amadmin in the root realm.
EPSS
Процентиль: 80%
0.01436
Низкий
9 Critical
CVSS2
Дефекты
CWE-264