CVE-2009-1076

CVE-2009-1076 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Sun Java System Identity Manager (IdM) 7.0 through 8.0 responds differently to failed use of the end-user question-based login feature depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.

Learn more about our User Device Pen Test.