CVE-2009-4879

2022-10-0316:24:02

mitre

www.cve.org

identity server

access control

bypass

x.509 authentication

novell access manager

active directory

6.5 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

33.0%

JSON

The Identity Server in Novell Access Manager before 3.1 SP1 allows attackers with disabled Active Directory accounts to authenticate using X.509 authentication, which bypasses intended access restrictions.

References

www.novell.com/documentation/novellaccessmanager31/accessmanager_readme/data/accessmanager_readme.html

www.securitytracker.com/id?1022581