CVE-2009-1084
Sun Java System Identity Manager 7.0-8.0 - Unauthenticated Unspecified Impact via System Configuration Object
Title source: llmDescription
Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not properly restrict access to the System Configuration object, which allows remote authenticated administrators and possibly remote attackers to have an unspecified impact by modifying this object.
References (9)
Core 9
Core References
Patch, Vendor Advisory vendor-advisory
x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-66-253267-1
Patch x_refsource_confirm
http://sunsolve.sun.com/search/document.do?assetkey=1-21-139010-06-1
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1021881
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/34191
Patch x_refsource_confirm
http://blogs.sun.com/security/entry/sun_alert_253267_sun_java
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2009/0797
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/49607
Patch x_refsource_confirm
http://sunsolve.sun.com/search/document.do?assetkey=1-21-140935-01-1
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/34380
Scores
EPSS
0.0091
EPSS Percentile
76.1%
Details
CWE
CWE-264
Status
published
Products (4)
sun/java_system_identity_manager
7.0
sun/java_system_identity_manager
7.1
sun/java_system_identity_manager
7.1.1
sun/java_system_identity_manager
8.0
Published
Mar 25, 2009
Tracked Since
Feb 18, 2026