CVE-2009-1074

Name of the Vulnerable Software and Affected Versions Sun Java System Identity Manager versions 7.0 through 8.0

Description The issue allows remote attackers to obtain sensitive information by sniffing the network due to the lack of SSL usage in all expected circumstances. This is related to the use of "ssl termination devices" and the lack of support for relative URLs.

Recommendations For Sun Java System Identity Manager versions 7.0 through 8.0, ensure that SSL is properly configured and used in all expected circumstances to prevent sensitive information from being obtained by remote attackers. Consider implementing additional security measures to protect against network sniffing attacks.