Local Password Exposure in Sun Java System Access Manager and OpenSSO Enterprise
CVE-2009-2712

Currently unrated

Key Information:

Vendor
Oracle
Vendor
CVE Published:
7 August 2009

Summary

The Sun Java System Access Manager and OpenSSO Enterprise products, when configured to enable the debug flag in AMConfig.properties, pose a risk by allowing local users to extract sensitive cleartext passwords stored within debug files. This vulnerability exposes critical authentication information, which can lead to further compromises within the affected systems.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.