CVE-2009-4879
Novell Access Manager < 3.1 SP1 - Authentication Bypass via X.509 Authentication
Title source: llmDescription
The Identity Server in Novell Access Manager before 3.1 SP1 allows attackers with disabled Active Directory accounts to authenticate using X.509 authentication, which bypasses intended access restrictions.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1022581
Vendor Advisory x_refsource_confirm
http://www.novell.com/documentation/novellaccessmanager31/accessmanager_readme/data/accessmanager_readme.html
Scores
EPSS
0.0010
EPSS Percentile
26.3%
Details
CWE
CWE-287
Status
published
Products (2)
novell/access_manager
3
novell/access_manager
< 3.1
Published
May 26, 2010
Tracked Since
Feb 18, 2026