VYPR
Unrated severityNVD Advisory· Published Mar 25, 2009· Updated Jun 16, 2026

CVE-2009-1078

CVE-2009-1078

Description

Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not enforce the expected privilege requirements for (1) deleting audit policies and (2) modifying workflows, which allows remote authenticated users to have an unspecified impact.

Affected products

5
  • cpe:2.3:a:sun:java_system_identity_manager:7.0:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:sun:java_system_identity_manager:7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_identity_manager:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_identity_manager:7.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_identity_manager:8.0:*:*:*:*:*:*:*
    • (no CPE)range: 7.0 - 8.0

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.