Executive Summary

Informations
Name CVE-2009-0169 First vendor Publication 2009-01-16
Vendor Cve Last vendor Modification 2017-08-08

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:C/I:C/A:C)
Cvss Base Score 9 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 8 Authentication Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Sun Java System Access Manager 7.1 allows remote authenticated sub-realm administrators to gain privileges, as demonstrated by creating the amadmin account in the sub-realm, and then logging in as amadmin in the root realm.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0169

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-264 Permissions, Privileges, and Access Controls

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 4

Open Source Vulnerability Database (OSVDB)

Id Description
51382 Sun Java System Access Manager Unspecified Privilege Escalation

Information Assurance Vulnerability Management (IAVM)

Date Description
2009-01-29 IAVM : 2009-T-0007 - Multiple Sun Java System Access Manager Vulnerabilities
Severity : Category II - VMSKEY : V0018223

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/33266
CONFIRM http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-02-1
SECTRACK http://www.securitytracker.com/id?1021604
SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-249106-1
VUPEN http://www.vupen.com/english/advisories/2009/0157
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/47944

Alert History

If you want to see full details history, please login or register.
0
1
2
3
Date Informations
2020-05-23 00:23:14
  • Multiple Updates
2017-08-08 09:24:39
  • Multiple Updates
2013-11-11 12:38:10
  • Multiple Updates
2013-05-10 23:42:25
  • Multiple Updates