CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
83.7%
Sun Java System Directory Proxy Server 6.0, 6.1, and 6.2 classifies a connection using the “bind-dn” criteria, which can cause an incorrect application of policy and allows remote attackers to bypass intended access restrictions for the server.
Vendor | Product | Version | CPE |
---|---|---|---|
sun | java_system_directory_server | 6.0 | cpe:2.3:a:sun:java_system_directory_server:6.0:*:*:*:*:*:*:* |
sun | java_system_directory_server | 6.1 | cpe:2.3:a:sun:java_system_directory_server:6.1:*:*:*:*:*:*:* |
sun | java_system_directory_server | 6.2 | cpe:2.3:a:sun:java_system_directory_server:6.2:*:*:*:*:*:*:* |