Summary
The host is running Java System Access Manager and is prone to information disclosure vulnerability.
Impact
Successful exploitation could allow remote unprivileged user to gain the sensitive information.
Impact Level: Application
Solution
Apply the security updates.
http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-03-1
*****
NOTE: Ignore this warning if above mentioned patch is already applied.
*****
Insight
Error in CDCServlet component is caused when 'Cross Domain Single Sign On' (CDSSO) is enabled which does not ensure that 'policy advice' is presented to the correct client, which can be exploited via unspecified vectors.
Affected
Java System Access Manager version 7.0 2005Q4 and 7.1
References
Updated on 2017-03-28
Severity
Classification
-
CVE CVE-2009-2713 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N
Related Vulnerabilities