CVE-2008-5422

Sun Sun Ray Server Software 3.1 through 4.0 does not properly restrict access, which allows remote attackers to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors.

Published: Dec 11, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-5422
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
sun / ray_server_software	3.0	3.0.x
sun / ray_server_software	3.1	3.1.x
sun / ray_server_software	4.0	4.0.x
sun / ray_server_software	3.1.1	3.1.1.x

http://secunia.com/advisories/33108
http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-04-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-240365-1
http://support.avaya.com/elmodocs2/security/ASA-2008-502.htm
http://www.securityfocus.com/bid/32769
http://www.securitytracker.com/id?1021383
http://www.vupen.com/english/advisories/2008/3406
https://exchange.xforce.ibmcloud.com/vulnerabilities/47253

Vulnerability Database

290,020

CVE-2008-5422