VYPR
Unrated severityNVD Advisory· Published May 26, 2010· Updated Jun 16, 2026

CVE-2009-4879

CVE-2009-4879

Description

The Identity Server in Novell Access Manager before 3.1 SP1 allows attackers with disabled Active Directory accounts to authenticate using X.509 authentication, which bypasses intended access restrictions.

Affected products

3
  • cpe:2.3:a:novell:access_manager:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:novell:access_manager:*:*:*:*:*:*:*:*range: <=3.1
    • cpe:2.3:a:novell:access_manager:3:*:*:*:*:*:*:*
    • (no CPE)range: < 3.1 SP1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.