Security Advisory

CVE-2009-1076

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-03-25 15:00:00

Last updated 2024-09-16 22:36:44

Assigner mitre

State PUBLISHED

Description

Sun Java System Identity Manager (IdM) 7.0 through 8.0 responds differently to failed use of the end-user question-based login feature depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.

← Browse all CVEs View on cve.org ↗