Vulnerability Details CVE-2009-0170
Sun Java System Access Manager 6.3 2005Q1, 7 2005Q4, and 7.1 allows remote authenticated users with console privileges to discover passwords, and obtain unspecified other "access to resources," by visiting the Configuration Items component in the console.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.0%
CVSS Severity
CVSS v2 Score 6.0
References
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-02-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-242166-1
- http://www.securityfocus.com/bid/33265
- http://www.securitytracker.com/id?1021605
- http://www.vupen.com/english/advisories/2009/0156
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47942
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-02-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-242166-1
- http://www.securityfocus.com/bid/33265
- http://www.securitytracker.com/id?1021605
- http://www.vupen.com/english/advisories/2009/0156
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47942
Products affected by CVE-2009-0170
-
cpe:2.3:a:sun:java_system_access_manager:6.3
-
cpe:2.3:a:sun:java_system_access_manager:7.0_2005q4
-
cpe:2.3:a:sun:java_system_access_manager:7.1