CVE-2009-0169

CWE-2643 documents3 sources

Severity

9.0CRITICAL

EPSS

1.4%

top 19.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN Java System Access Manager

Timeline

PublishedJan 16

Latest updateMay 2

Description

Sun Java System Access Manager 7.1 allows remote authenticated sub-realm administrators to gain privileges, as demonstrated by creating the amadmin account in the sub-realm, and then logging in as amadmin in the root realm.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages1 packages

▶NVDsun/java_system_access_manager7.1

Patches

Patch: sunsolve.sun.com ↗Patch: www.securityfocus.com ↗Patch: sunsolve.sun.com ↗

🔴Vulnerability Details

GHSA

GHSA-qx89-xhcp-6f84: Sun Java System Access Manager 7↗2022-05-02

▶

CVEList

CVE-2009-0169: Sun Java System Access Manager 7↗2009-01-16

▶