製品・ソフトウェアに関する情報

JVN脆弱性詳細

Sun Java System Identity Manager における管理アクセス権限を取得される脆弱性

Title	Sun Java System Identity Manager における管理アクセス権限を取得される脆弱性
Summary	Sun Java System Identity Manager には、Sun Java System Access Manager、OpenSSO Enterprise、または IBM Tivoli Access Manager を使用している際、管理アクセス権限を取得される脆弱性が存在します。
Possible impacts	第三者により、管理アクセス権限を取得される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Jan. 11, 2010, midnight
Registration Date	Dec. 20, 2012, 7:28 p.m.
Last Update	Dec. 20, 2012, 7:28 p.m.

Affected System

サン・マイクロシステムズ

java system identity server 8.1.0.5 および 8.1.0.6

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2010-0311	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0311
National Vulnerability Database (NVD)
2	CVE-2010-0311	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0311

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-noinfo	https://www.ipa.go.jp/security/vuln/CWE.html#CWEnoinfo

ベンダー情報

No	Name	URL
Sun
1	Sun Alert 275010	https://blogs.oracle.com/sunsecurity/entry/sun_alert_275010_security_vulnerability

Change Log

No	Changed Details	Date of change
0	[2012年12月20日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2010-0311

Summary	Unspecified vulnerability in Sun Java System Identity Manager (aka IdM) 8.1.0.5 and 8.1.0.6, when Sun Java System Access Manager, OpenSSO Enterprise 8.0, or IBM Tivoli Access Manager is used, allows remote attackers to obtain administrative access via unknown vectors.
Summary	Vulnerabilidad no especificada en Sun Java System Identity Manager (también conocido como IdM) v8.1.0.5 y v8.1.0.6, cuando se usa con Sun Java System Access Manager, OpenSSO Enterprise v8.0 o IBM Tivoli Access Manager, permite a atacantes remotos obtener acceso como administrador a través de vectores desconocidos.
Publication Date	Jan. 15, 2010, 4:30 a.m.
Registration Date	Jan. 29, 2021, 10:56 a.m.
Last Update	April 23, 2026, 9:35 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:sun:java_system_identity_server:8.1.0.5:::::::*
cpe:2.3:a:sun:java_system_identity_server:8.1.0.6:::::::*

Configuration2		or higher	or less	more than	less than

Related information, measures and tools

No	URL	refsource
1	http://osvdb.org/61658	cve@mitre.org
2	http://secunia.com/advisories/38130	cve@mitre.org
3	http://securitytracker.com/id?1023447	cve@mitre.org
4	http://sunsolve.sun.com/search/document.do?assetkey=1-21-141642-08-1	cve@mitre.org
5	http://sunsolve.sun.com/search/document.do?assetkey=1-66-275010-1	cve@mitre.org
6	http://www.securityfocus.com/bid/37755	cve@mitre.org
7	http://www.vupen.com/english/advisories/2010/0108	cve@mitre.org
8	https://exchange.xforce.ibmcloud.com/vulnerabilities/55572	cve@mitre.org
9	http://osvdb.org/61658	af854a3a-2127-422b-91ae-364da2661108
10	http://secunia.com/advisories/38130	af854a3a-2127-422b-91ae-364da2661108
11	http://securitytracker.com/id?1023447	af854a3a-2127-422b-91ae-364da2661108
12	http://sunsolve.sun.com/search/document.do?assetkey=1-21-141642-08-1	af854a3a-2127-422b-91ae-364da2661108
13	http://sunsolve.sun.com/search/document.do?assetkey=1-66-275010-1	af854a3a-2127-422b-91ae-364da2661108
14	http://www.securityfocus.com/bid/37755	af854a3a-2127-422b-91ae-364da2661108
15	http://www.vupen.com/english/advisories/2010/0108	af854a3a-2127-422b-91ae-364da2661108
16	https://exchange.xforce.ibmcloud.com/vulnerabilities/55572	af854a3a-2127-422b-91ae-364da2661108

Common Vulnerabilities List