CVE-2009-2712
2.1
Vector
AV:L/AC:L/Au:N/C:P/I:N/A:N
Exploitability: 3.9 / Impact: 2.9
Source: NVD
Description
Sun Java System Access Manager 6.3 2005Q1, 7.0 2005Q4, and 7.1; and OpenSSO Enterprise 8.0; when AMConfig.properties enables the debug flag, allows local users to discover cleartext passwords by reading debug files.
Affected (32)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 6.3_2005q1 |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 6.3_2005q1 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 6.3_2005q1 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 7.0_2005q4 |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version 7.0 |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Version 7.1 | |
| Version 8.0 |
Related CWEs
References (12)
Source: cve@mitre.org
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.