Authentication Bypass Vulnerability in Sun Java System Access Manager by Sun Microsystems
CVE-2008-2705

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Access Manager
Vendor: CVE Published:; 16 June 2008

Summary

A security vulnerability exists in Sun Java System Access Manager 7.1 when used in conjunction with specific versions and configurations of Sun Directory Server Enterprise Edition. This flaw allows remote attackers to bypass authentication mechanisms, potentially gaining unauthorized access to sensitive resources. The vulnerability arises due to unspecified vectors, highlighting the need for users to review their configurations and apply best practices to mitigate risks associated with this vulnerability.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/43004

vdb-entryx_refsource_XF

http://secunia.com/advisories/30652

third-party-advisoryx_refsource_SECUNIA

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

Timeline

Vulnerability published
Jun 16, 2008
Vulnerability Reserved
Jun 16, 2008