Sun Java System Access Manager Local Authentication Bypass Vulnerability

Sun Java System Access Manager Local Authentication Bypass Vulnerability

Sun Java System Access Manager is susceptible to a local authentication-bypass vulnerability. This issue is due to the application's failure to require proper credentials before allowing local users to administer the application.

This issue allows local users with superuser access on affected computers to administer the Access Manager installation as a top-level administrator. Further attacks (such as gaining access to services that use the Access Manager software as its authorization source) are possible.