CVE-2008-5422

Sun Sun Ray Server Software 3.1 through 4.0 does not properly restrict access, which allows remote attackers to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:sun:ray_server_software:3.0:*:sparc:*:*:*:*:*
cpe:2.3:a:sun:ray_server_software:3.1:*:sparc:*:*:*:*:*
cpe:2.3:a:sun:ray_server_software:4.0:*:sparc:*:*:*:*:*
OR cpe:2.3:o:sun:solaris:8:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:solaris:9:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:solaris:10:*:sparc:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:sun:ray_server_software:3.1:*:x86:*:*:*:*:*
cpe:2.3:a:sun:ray_server_software:4.0:*:x86:*:*:*:*:*
cpe:2.3:o:sun:solaris:10:*:x86:*:*:*:*:*

Configuration 3 (hide)

AND
OR cpe:2.3:a:sun:ray_server_software:3.1.1:*:linux:*:*:*:*:*
cpe:2.3:a:sun:ray_server_software:4.0:*:linux:*:*:*:*:*
OR cpe:2.3:o:novell:suse_linux_enterprise_server:9:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:4:*:advanced_server:*:*:*:*:*

Configuration 4 (hide)

AND
OR cpe:2.3:a:sun:ray_server_software:3.0:*:linux:*:*:*:*:*
cpe:2.3:a:sun:ray_server_software:3.1:*:linux:*:*:*:*:*
OR cpe:2.3:a:sun:java_desktop_system:2.0:*:*:*:*:*:*:*
cpe:2.3:o:novell:suse_linux_enterprise_server:8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3:*:advanced_server:*:*:*:*:*

History

21 Nov 2024, 00:54

Type Values Removed Values Added
References () http://secunia.com/advisories/33108 - () http://secunia.com/advisories/33108 -
References () http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-04-1 - Patch, Vendor Advisory () http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-04-1 - Patch, Vendor Advisory
References () http://sunsolve.sun.com/search/document.do?assetkey=1-26-240365-1 - Patch, Vendor Advisory () http://sunsolve.sun.com/search/document.do?assetkey=1-26-240365-1 - Patch, Vendor Advisory
References () http://support.avaya.com/elmodocs2/security/ASA-2008-502.htm - () http://support.avaya.com/elmodocs2/security/ASA-2008-502.htm -
References () http://www.securityfocus.com/bid/32769 - Patch () http://www.securityfocus.com/bid/32769 - Patch
References () http://www.securitytracker.com/id?1021383 - () http://www.securitytracker.com/id?1021383 -
References () http://www.vupen.com/english/advisories/2008/3406 - () http://www.vupen.com/english/advisories/2008/3406 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/47253 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/47253 -

Information

Published : 2008-12-11 15:30

Updated : 2024-11-21 00:54


NVD link : CVE-2008-5422

Mitre link : CVE-2008-5422

CVE.ORG link : CVE-2008-5422


JSON object : View

Products Affected

redhat

  • enterprise_linux

sun

  • ray_server_software
  • java_desktop_system
  • solaris

novell

  • suse_linux_enterprise_server
CWE
CWE-264

Permissions, Privileges, and Access Controls