CVE-2008-2705

SUN Java System Access Manager - Authentication Bypass

Title source: rule

Description

Unspecified vulnerability in Sun Java System Access Manager (AM) 7.1, when used with certain versions and configurations of Sun Directory Server Enterprise Edition (DSEE), allows remote attackers to bypass authentication via unspecified vectors.

References (6)

[Vendor Advisory] http://secunia.com/advisories/30652

[Vendor Advisory] http://sunsolve.sun.com/search/document.do?assetkey=1-26-238416-1

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/43004

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/29676

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1020273

[Third Party Advisory] http://www.vupen.com/english/advisories/2008/1806

Scores

EPSS 0.0035

EPSS Percentile 57.1%

Classification

CWE

CWE-287

Status draft

Affected Products (1)

sun/java_system_access_manager

Timeline

Published Jun 16, 2008

Tracked Since Feb 18, 2026