Vulnerabilities (CVE)

Filtered by vendor Sun Subscribe
Filtered by product Virtual Desktop Infrastructure
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-3923 1 Sun 2 Virtual Desktop Infrastructure, Virtualbox 2024-11-21 7.5 HIGH N/A
The VirtualBox 2.0.8 and 2.0.10 web service in Sun Virtual Desktop Infrastructure (VDI) 3.0 does not require authentication, which allows remote attackers to obtain unspecified access via vectors involving requests to an Apache HTTP Server.
CVE-2009-2856 1 Sun 2 Solaris, Virtual Desktop Infrastructure 2024-11-21 3.5 LOW N/A
Sun Virtual Desktop Infrastructure (VDI) 3.0, when anonymous binding is enabled, does not properly handle a client's attempt to establish an authenticated and encrypted connection, which might allow remote attackers to read cleartext VDI configuration-data requests by sniffing LDAP sessions on the network.