CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
58.5%
Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not properly restrict access to the System Configuration object, which allows remote authenticated administrators and possibly remote attackers to have an unspecified impact by modifying this object.
Vendor | Product | Version | CPE |
---|---|---|---|
sun | java_system_identity_manager | 7.0 | cpe:2.3:a:sun:java_system_identity_manager:7.0:*:*:*:*:*:*:* |
sun | java_system_identity_manager | 7.1 | cpe:2.3:a:sun:java_system_identity_manager:7.1:*:*:*:*:*:*:* |
sun | java_system_identity_manager | 7.1.1 | cpe:2.3:a:sun:java_system_identity_manager:7.1.1:*:*:*:*:*:*:* |
sun | java_system_identity_manager | 8.0 | cpe:2.3:a:sun:java_system_identity_manager:8.0:*:*:*:*:*:*:* |
blogs.sun.com/security/entry/sun_alert_253267_sun_java
secunia.com/advisories/34380
securitytracker.com/id?1021881
sunsolve.sun.com/search/document.do?assetkey=1-21-139010-06-1
sunsolve.sun.com/search/document.do?assetkey=1-21-140935-01-1
sunsolve.sun.com/search/document.do?assetkey=1-66-253267-1
www.securityfocus.com/bid/34191
www.vupen.com/english/advisories/2009/0797
exchange.xforce.ibmcloud.com/vulnerabilities/49607