Privilege Escalation in Sun Java System Access Manager 7.1
CVE-2009-0169

Currently unrated

Key Information:

Vendor
Oracle
CVE Published:
16 January 2009

Summary

Sun Java System Access Manager 7.1 has a vulnerability that allows remote authenticated sub-realm administrators to escalate their privileges. A sub-realm administrator can create an account named 'amadmin' within the sub-realm and then use it to log in as 'amadmin' in the root realm, gaining unauthorized access to and control over sensitive system functions.

Timeline

  • Vulnerability published

  • Vulnerability Reserved
