CVE-2008-2705

Published: Jun 16, 2008Modified: Apr 23, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Unspecified vulnerability in Sun Java System Access Manager (AM) 7.1, when used with certain versions and configurations of Sun Directory Server Enterprise Edition (DSEE), allows remote attackers to bypass authentication via unspecified vectors.

Affected (1)

Products: Sun: Java System Access Manager

Sun

1 product

Java System Access Manager

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sun Java System Access Manager	Version 7.1

Related CWEs

CWE-287

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (12)

http://secunia.com/advisories/30652

Source: cve@mitre.org

Vendor Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-26-238416-1

Source: cve@mitre.org

http://www.securityfocus.com/bid/29676

Source: cve@mitre.org

http://www.securitytracker.com/id?1020273

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/1806

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/43004

Source: cve@mitre.org

http://secunia.com/advisories/30652