X.509 Authentication Bypass in Novell Access Manager
CVE-2009-4879

Currently unrated

Key Information:

Vendor: Novell
Status: Access Manager
Vendor: CVE Published:; 26 May 2010

Summary

The Identity Server in Novell Access Manager prior to version 3.1 SP1 is vulnerable to an authentication bypass issue where attackers with disabled Active Directory accounts can authenticate via X.509 certificates. This vulnerability undermines the intended access control mechanisms, allowing unauthorized users to gain access to protected resources, thus posing a significant risk to system security and data integrity.

References

http://www.securitytracker.com/id?1022581

vdb-entryx_refsource_SECTRACK

http://www.novell.com/documentation/novellaccessmanager31...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
May 26, 2010