Vulnerability CVE-2010-0311


Published: 2010-01-14   Modified: 2012-02-13

Description:
Unspecified vulnerability in Sun Java System Identity Manager (aka IdM) 8.1.0.5 and 8.1.0.6, when Sun Java System Access Manager, OpenSSO Enterprise 8.0, or IBM Tivoli Access Manager is used, allows remote attackers to obtain administrative access via unknown vectors.

Type:

CWE-noinfo

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.8/10
6.4/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
SUN -> Java system identity server 

 References:
http://xforce.iss.net/xforce/xfdb/55572
http://www.vupen.com/english/advisories/2010/0108
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275010-1
http://securitytracker.com/id?1023447
http://secunia.com/advisories/38130
http://osvdb.org/61658

Copyright 2024, cxsecurity.com

 

Back to Top