Vulnerabilites related to sun - opensso_enterprise
Vulnerability from fkie_nvd
Published
2009-08-07 19:00
Modified
2025-04-09 00:30
Severity ?
Summary
Sun Java System Access Manager 6.3 2005Q1, 7.0 2005Q4, and 7.1; and OpenSSO Enterprise 8.0; when AMConfig.properties enables the debug flag, allows local users to discover cleartext passwords by reading debug files.
References
cve@mitre.orghttp://osvdb.org/56815
cve@mitre.orghttp://secunia.com/advisories/36169Vendor Advisory
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-21-119465-16-1Patch
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-66-256668-1Patch, Vendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/35963
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/2177
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/56815
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/36169Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-21-119465-16-1Patch
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-66-256668-1Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/35963
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/2177
Impacted products
Vendor Product Version
sun java_system_access_manager 6.3_2005q1
sun java_system_access_manager 6.3_2005q1
sun java_system_access_manager 6.3_2005q1
sun java_system_access_manager 7.1
sun java_system_access_manager 7.1
sun java_system_access_manager 7.1
sun java_system_access_manager 7_2005q4
sun java_system_access_manager 7_2005q4
sun java_system_access_manager 7_2005q4
sun java_system_access_manager 6.3_2005q1
sun java_system_access_manager 6.3_2005q1
sun java_system_access_manager 6.3_2005q1
sun java_system_access_manager 7.1
sun java_system_access_manager 7.1
sun java_system_access_manager 7.1
sun java_system_access_manager 7_2005q4
sun java_system_access_manager 7_2005q4
sun java_system_access_manager 7_2005q4
sun java_system_access_manager 6.3_2005q1
sun java_system_access_manager 6.3_2005q1
sun java_system_access_manager 6.3_2005q1
sun java_system_access_manager 7.1
sun java_system_access_manager 7.1
sun java_system_access_manager 7.1
sun java_system_access_manager 7_2005q4
sun java_system_access_manager 7_2005q4
sun java_system_access_manager 7_2005q4
sun java_system_access_manager 7.0_2005q4
sun java_system_access_manager 7.1
sun java_system_web_server 7.0
sun java_system_access_manager 7.1
sun opensso_enterprise 8.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:6.3_2005q1:*:solaris_10_sparc:*:*:*:*:*",
              "matchCriteriaId": "8ED84EE5-2C53-4A8E-98B7-4F9181D4E192",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:6.3_2005q1:*:solaris_8_sparc:*:*:*:*:*",
              "matchCriteriaId": "BF718ABC-42C7-4FE1-82A0-00F3506F1D42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:6.3_2005q1:*:solaris_9_sparc:*:*:*:*:*",
              "matchCriteriaId": "F590A1DC-7E1B-44CF-83D2-3FEDA91765C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:7.1:*:solaris_10_sparc:*:*:*:*:*",
              "matchCriteriaId": "28F24915-078C-4E4B-B173-671F0ABF9656",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:7.1:*:solaris_8_sparc:*:*:*:*:*",
              "matchCriteriaId": "CAABA44E-5FD1-4B71-A4DE-9DC671DD8223",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:7.1:*:solaris_9_sparc:*:*:*:*:*",
              "matchCriteriaId": "2A857F82-4146-48E9-8568-19393AC3856B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:7_2005q4:*:solaris_10_sparc:*:*:*:*:*",
              "matchCriteriaId": "B56B9BD3-2708-46C3-850D-865599F88BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:7_2005q4:*:solaris_8_sparc:*:*:*:*:*",
              "matchCriteriaId": "B6391170-5831-4303-85E5-A51BB431E788",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:7_2005q4:*:solaris_9_sparc:*:*:*:*:*",
              "matchCriteriaId": "745D8651-B97C-48A9-AE4F-603A34516919",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:6.3_2005q1:*:solaris_10_x86:*:*:*:*:*",
              "matchCriteriaId": "B0617E1B-FE70-442E-AEE6-BACC8515F005",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:6.3_2005q1:*:solaris_8_x86:*:*:*:*:*",
              "matchCriteriaId": "D2BC5828-0EF1-4640-91BF-9CC1E5FC6243",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:6.3_2005q1:*:solaris_9_x86:*:*:*:*:*",
              "matchCriteriaId": "9096D748-9527-4061-8106-526741831F35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:7.1:*:solaris_10_x86:*:*:*:*:*",
              "matchCriteriaId": "AD06B92E-C23C-4648-A585-14FC54538FA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:7.1:*:solaris_8_x86:*:*:*:*:*",
              "matchCriteriaId": "4930E838-993A-4DA1-B504-4675EE20CF69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:7.1:*:solaris_9_x86:*:*:*:*:*",
              "matchCriteriaId": "2D28C8EF-7525-48A0-A13A-EA95479A3B35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:7_2005q4:*:solaris_10_x86:*:*:*:*:*",
              "matchCriteriaId": "207157F9-0AE4-45FB-A3DC-90C1F6E5376E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:7_2005q4:*:solaris_8_x86:*:*:*:*:*",
              "matchCriteriaId": "9E8B1333-125A-44F7-A6C3-4B04D3FC9A8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:7_2005q4:*:solaris_9_x86:*:*:*:*:*",
              "matchCriteriaId": "92BC8B61-3F58-43B3-9756-616376D4D2DC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:6.3_2005q1:*:solaris_10_linux:*:*:*:*:*",
              "matchCriteriaId": "B9D7AA3C-6565-4291-A76F-3BE9311B77F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:6.3_2005q1:*:solaris_8_linux:*:*:*:*:*",
              "matchCriteriaId": "95ADB790-EF2D-4613-9F69-F37401518511",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:6.3_2005q1:*:solaris_9_linux:*:*:*:*:*",
              "matchCriteriaId": "9E64CD07-4AF7-49C4-A3C0-EE2BF9E067A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:7.1:*:solaris_10_linux:*:*:*:*:*",
              "matchCriteriaId": "D8C9CC43-EFB5-4192-81F2-0373961A7078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:7.1:*:solaris_8_linux:*:*:*:*:*",
              "matchCriteriaId": "479657F1-8950-4C6C-9CD2-5FE3DF235E24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:7.1:*:solaris_9_linux:*:*:*:*:*",
              "matchCriteriaId": "6F238642-873A-4A50-BF14-6B173A20A36D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:7_2005q4:*:solaris_10_linux:*:*:*:*:*",
              "matchCriteriaId": "3DA96674-2050-4686-A592-F450655073E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:7_2005q4:*:solaris_8_linux:*:*:*:*:*",
              "matchCriteriaId": "5382933D-E32D-47F5-8892-65B94E06BD15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:7_2005q4:*:solaris_9_linux:*:*:*:*:*",
              "matchCriteriaId": "644C3EA4-607C-42E7-805B-8F2EF6AF694E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:7.0_2005q4:*:windows:*:*:*:*:*",
              "matchCriteriaId": "B7821A43-2549-4B75-A201-95A3AC58E8BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:7.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "36C5F1CB-FEDE-4C19-B056-C846C86FDE8E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_web_server:7.0:*:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "134929FE-2EBA-4B55-904F-111A658160F3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:7.1:*:war:*:*:*:*:*",
              "matchCriteriaId": "72304F6F-83F9-4207-93D9-6886AD9E88A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:opensso_enterprise:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D05F3A1-C5F3-43CA-9150-17FE55A89A30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Sun Java System Access Manager 6.3 2005Q1, 7.0 2005Q4, and 7.1; and OpenSSO Enterprise 8.0; when AMConfig.properties enables the debug flag, allows local users to discover cleartext passwords by reading debug files."
    },
    {
      "lang": "es",
      "value": "Sun Java System Access Manager v6.3 2005Q1, v7.0 2005Q4, y v7.1; y OpenSSO Enterprise v8.0;  cuando AMConfig.properties permite a la marca de depuraci\u00f3n, permite a los usuarios locales descubrir contrase\u00f1as en texto claro mediante la lectura de archivos de depuraci\u00f3n."
    }
  ],
  "id": "CVE-2009-2712",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-08-07T19:00:01.110",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/56815"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36169"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-119465-16-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256668-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/35963"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/2177"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/56815"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36169"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-119465-16-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256668-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/35963"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/2177"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2010-01-14 19:30
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in Sun Java System Identity Manager (aka IdM) 8.1.0.5 and 8.1.0.6, when Sun Java System Access Manager, OpenSSO Enterprise 8.0, or IBM Tivoli Access Manager is used, allows remote attackers to obtain administrative access via unknown vectors.
References
cve@mitre.orghttp://osvdb.org/61658
cve@mitre.orghttp://secunia.com/advisories/38130Vendor Advisory
cve@mitre.orghttp://securitytracker.com/id?1023447
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-21-141642-08-1Patch
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-66-275010-1Vendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/37755
cve@mitre.orghttp://www.vupen.com/english/advisories/2010/0108Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/55572
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/61658
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38130Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1023447
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-21-141642-08-1Patch
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-66-275010-1Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/37755
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0108Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/55572
Impacted products
Vendor Product Version
sun java_system_identity_server 8.1.0.5
sun java_system_identity_server 8.1.0.6
ibm tivoli_access_manager_for_e-business *
sun java_system_access_manager *
sun opensso_enterprise 8.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_identity_server:8.1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCDA71AD-2BAE-42DC-A050-76B4932141B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_identity_server:8.1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "28F834A5-E3BE-4A83-83C3-1EF5FB2F10D1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1AACE9A-B450-433E-AF0D-06A82D728AD5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_access_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2402481-C481-4FB6-9415-2504B3B93F7E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sun:opensso_enterprise:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D05F3A1-C5F3-43CA-9150-17FE55A89A30",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in Sun Java System Identity Manager (aka IdM) 8.1.0.5 and 8.1.0.6, when Sun Java System Access Manager, OpenSSO Enterprise 8.0, or IBM Tivoli Access Manager is used, allows remote attackers to obtain administrative access via unknown vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en Sun Java System Identity Manager (tambi\u00e9n conocido como IdM) v8.1.0.5 y v8.1.0.6, cuando se usa con Sun Java System Access Manager, OpenSSO Enterprise v8.0 o IBM Tivoli Access Manager, permite a atacantes remotos obtener acceso como administrador a trav\u00e9s de vectores desconocidos."
    }
  ],
  "id": "CVE-2010-0311",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-01-14T19:30:00.547",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/61658"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38130"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1023447"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141642-08-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275010-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/37755"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0108"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55572"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/61658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38130"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1023447"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141642-08-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275010-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/37755"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0108"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55572"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2009-2712 (GCVE-0-2009-2712)
Vulnerability from cvelistv5
Published
2009-08-07 18:33
Modified
2024-08-07 05:59
Severity ?
CWE
  • n/a
Summary
Sun Java System Access Manager 6.3 2005Q1, 7.0 2005Q4, and 7.1; and OpenSSO Enterprise 8.0; when AMConfig.properties enables the debug flag, allows local users to discover cleartext passwords by reading debug files.
References
http://osvdb.org/56815 vdb-entry, x_refsource_OSVDB
http://www.securityfocus.com/bid/35963 vdb-entry, x_refsource_BID
http://secunia.com/advisories/36169 third-party-advisory, x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-21-119465-16-1 x_refsource_CONFIRM
http://sunsolve.sun.com/search/document.do?assetkey=1-66-256668-1 vendor-advisory, x_refsource_SUNALERT
http://www.vupen.com/english/advisories/2009/2177 vdb-entry, x_refsource_VUPEN
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:59:56.935Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "56815",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/56815"
          },
          {
            "name": "35963",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/35963"
          },
          {
            "name": "36169",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36169"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-119465-16-1"
          },
          {
            "name": "256668",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256668-1"
          },
          {
            "name": "ADV-2009-2177",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2177"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-08-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Sun Java System Access Manager 6.3 2005Q1, 7.0 2005Q4, and 7.1; and OpenSSO Enterprise 8.0; when AMConfig.properties enables the debug flag, allows local users to discover cleartext passwords by reading debug files."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-08-12T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "56815",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/56815"
        },
        {
          "name": "35963",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/35963"
        },
        {
          "name": "36169",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36169"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-119465-16-1"
        },
        {
          "name": "256668",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256668-1"
        },
        {
          "name": "ADV-2009-2177",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2177"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-2712",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Sun Java System Access Manager 6.3 2005Q1, 7.0 2005Q4, and 7.1; and OpenSSO Enterprise 8.0; when AMConfig.properties enables the debug flag, allows local users to discover cleartext passwords by reading debug files."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "56815",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/56815"
            },
            {
              "name": "35963",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/35963"
            },
            {
              "name": "36169",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36169"
            },
            {
              "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-119465-16-1",
              "refsource": "CONFIRM",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-119465-16-1"
            },
            {
              "name": "256668",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256668-1"
            },
            {
              "name": "ADV-2009-2177",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/2177"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-2712",
    "datePublished": "2009-08-07T18:33:00",
    "dateReserved": "2009-08-07T00:00:00",
    "dateUpdated": "2024-08-07T05:59:56.935Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0311 (GCVE-0-2010-0311)
Vulnerability from cvelistv5
Published
2010-01-14 19:00
Modified
2024-08-07 00:45
Severity ?
CWE
  • n/a
Summary
Unspecified vulnerability in Sun Java System Identity Manager (aka IdM) 8.1.0.5 and 8.1.0.6, when Sun Java System Access Manager, OpenSSO Enterprise 8.0, or IBM Tivoli Access Manager is used, allows remote attackers to obtain administrative access via unknown vectors.
References
http://www.securityfocus.com/bid/37755 vdb-entry, x_refsource_BID
http://securitytracker.com/id?1023447 vdb-entry, x_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilities/55572 vdb-entry, x_refsource_XF
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275010-1 vendor-advisory, x_refsource_SUNALERT
http://secunia.com/advisories/38130 third-party-advisory, x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-21-141642-08-1 x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2010/0108 vdb-entry, x_refsource_VUPEN
http://osvdb.org/61658 vdb-entry, x_refsource_OSVDB
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:45:11.949Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "37755",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/37755"
          },
          {
            "name": "1023447",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023447"
          },
          {
            "name": "jsim-unspecified-security-bypass(55572)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55572"
          },
          {
            "name": "275010",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275010-1"
          },
          {
            "name": "38130",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38130"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141642-08-1"
          },
          {
            "name": "ADV-2010-0108",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0108"
          },
          {
            "name": "61658",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/61658"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-01-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Sun Java System Identity Manager (aka IdM) 8.1.0.5 and 8.1.0.6, when Sun Java System Access Manager, OpenSSO Enterprise 8.0, or IBM Tivoli Access Manager is used, allows remote attackers to obtain administrative access via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "37755",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/37755"
        },
        {
          "name": "1023447",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023447"
        },
        {
          "name": "jsim-unspecified-security-bypass(55572)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55572"
        },
        {
          "name": "275010",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275010-1"
        },
        {
          "name": "38130",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38130"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141642-08-1"
        },
        {
          "name": "ADV-2010-0108",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0108"
        },
        {
          "name": "61658",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/61658"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0311",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Sun Java System Identity Manager (aka IdM) 8.1.0.5 and 8.1.0.6, when Sun Java System Access Manager, OpenSSO Enterprise 8.0, or IBM Tivoli Access Manager is used, allows remote attackers to obtain administrative access via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "37755",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/37755"
            },
            {
              "name": "1023447",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023447"
            },
            {
              "name": "jsim-unspecified-security-bypass(55572)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55572"
            },
            {
              "name": "275010",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275010-1"
            },
            {
              "name": "38130",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38130"
            },
            {
              "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141642-08-1",
              "refsource": "CONFIRM",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141642-08-1"
            },
            {
              "name": "ADV-2010-0108",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0108"
            },
            {
              "name": "61658",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/61658"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0311",
    "datePublished": "2010-01-14T19:00:00",
    "dateReserved": "2010-01-14T00:00:00",
    "dateUpdated": "2024-08-07T00:45:11.949Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}