{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-02T23:20:21.540","vulnerabilities":[{"cve":{"id":"CVE-2008-5115","sourceIdentifier":"cve@mitre.org","published":"2008-11-18T00:30:00.360","lastModified":"2026-04-23T00:35:47.467","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site request forgery (CSRF) vulnerability in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to hijack the authentication of administrators for requests that update the password via idm/admin/changeself.jsp."},{"lang":"es","value":"Una vulnerabilidad de  tipo cross-site request forgery (CSRF) en Sun Java System Identity Manager en versiones 6.0 hasta 6.0 SP4 , versiones 7.0 y 7.1, permite a los atacantes remotos secuestrar la autenticación de administradores para peticiones que actualizan la contraseña por medio del archivo idm/admin/changeself.jsp."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sun:java_system_identity_manager:6.0:*:*:*:*:*:*:*","matchCriteriaId":"13445915-DF3D-4C52-B1DC-9FC6BE0DD519"},{"vulnerable":true,"criteria":"cpe:2.3:a:sun:java_system_identity_manager:6.0:sp1:*:*:*:*:*:*","matchCriteriaId":"D0C2964C-7435-4999-AF16-01CD9EF5782C"},{"vulnerable":true,"criteria":"cpe:2.3:a:sun:java_system_identity_manager:6.0:sp2:*:*:*:*:*:*","matchCriteriaId":"51CFF484-5A52-41DC-A003-A9319DF2AFB8"},{"vulnerable":true,"criteria":"cpe:2.3:a:sun:java_system_identity_manager:6.0:sp3:*:*:*:*:*:*","matchCriteriaId":"9A7E88DA-F3A8-4B0F-AD4F-8680C1FB3282"},{"vulnerable":true,"criteria":"cpe:2.3:a:sun:java_system_identity_manager:6.0:sp4:*:*:*:*:*:*","matchCriteriaId":"861DEDA3-93A1-405A-BA2F-764AE4219D89"},{"vulnerable":true,"criteria":"cpe:2.3:a:sun:java_system_identity_manager:7.0:*:*:*:*:*:*:*","matchCriteriaId":"0980492E-B7DB-4B9F-A400-FDC47DB89A95"},{"vulnerable":true,"criteria":"cpe:2.3:a:sun:java_system_identity_manager:7.1:*:*:*:*:*:*:*","matchCriteriaId":"3A5C87C0-3734-4568-97A6-6AB8979AABE7"}]}]}],"references":[{"url":"http://osvdb.org/49766","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/32606","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-243386-1","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr07-11","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/archive/1/498479/100/0/threaded","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/32262","source":"cve@mitre.org"},{"url":"http://www.securitytracker.com/id?1021170","source":"cve@mitre.org"},{"url":"http://www.vupen.com/english/advisories/2008/3128","source":"cve@mitre.org"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/46553","source":"cve@mitre.org"},{"url":"http://osvdb.org/49766","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/32606","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-243386-1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr07-11","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/archive/1/498479/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/32262","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securitytracker.com/id?1021170","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2008/3128","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/46553","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}