Executive Summary

Title Sun Alert 249106 A Security Vulnerability in Sun Java System Access Manager May Allow Privilege Escalation of Sub-Realm Administrators
Name SUN-249106 First vendor Publication 2009-01-12
Vendor Sun Last vendor Modification 2009-01-12
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:C/I:C/A:C)
Cvss Base Score 9 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 8 Authentication Requires single instance
Calculate full CVSS 2.0 Vectors scores


Product: Sun Java System Access Manager 7.1

A security vulnerability in Sun Java System Access Manager may allow a sub-realm administrator to escalate their privileges and access the root realm as an administrator.

State: Resolved
First released: 12-Jan-2009

Original Source

Url : http://blogs.sun.com/security/entry/sun_alert_249106_a_security

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-264 Permissions, Privileges, and Access Controls

CPE : Common Platform Enumeration

Application 4

Open Source Vulnerability Database (OSVDB)

Id Description
51382 Sun Java System Access Manager Unspecified Privilege Escalation

Information Assurance Vulnerability Management (IAVM)

Date Description
2009-01-29 IAVM : 2009-T-0007 - Multiple Sun Java System Access Manager Vulnerabilities
Severity : Category II - VMSKEY : V0018223

Alert History

If you want to see full details history, please login or register.
Date Informations
2013-02-06 19:08:23
  • Multiple Updates