Privilege Escalation in Sun Java System Identity Manager by Authenticated Users
CVE-2009-1082
Currently unrated
Summary
Sun Java System Identity Manager versions 7.0 and 8.0 contain a vulnerability that allows remote authenticated users to gain elevated privileges. It can be exploited by submitting specially crafted commands to the Admin Console, which enables unauthorized account creation and other administrative functions. The vulnerability is particularly associated with the saveNoValidate action and specific form workflows, posing significant risks to users and systems relying on this software.
References
Timeline
Vulnerability Reserved
Vulnerability published