Shodan
Vulnerabilities
Vulnerable Software
Sun:  >> Java System Access Manager  >> 7.1  Security Vulnerabilities
CVE-2008-1204
Multiple cross-site scripting (XSS) vulnerabilities in the Administration Console in Sun Java System Access Manager 7.1 and 7 2005Q4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the (1) Help and (2) Version windows.
CVSS Score
4.3
EPSS Score
0.003
Published
2008-03-08
CVE-2007-5152
Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 9.1 container, does not demand authentication after a container restart, which allows remote attackers to perform administrative tasks.
CVSS Score
7.5
EPSS Score
0.018
Published
2007-10-01
CVE-2007-5153
Unspecified vulnerability in Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 8.x container, allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS Score
6.8
EPSS Score
0.038
Published
2007-10-01
CVE-2007-3700
Sun Java System Access Manager (formerly Java System Identity Server) before 20070710, when the message debug level is configured in the com.iplanet.services.debug.level property in AMConfig.properties, logs cleartext login passwords, which allows local users to gain privileges by reading /var/opt/SUNWam/debug/amAuth.
CVSS Score
1.7
EPSS Score
0.001
Published
2007-07-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved