Lucene search

[email protected]CVE-2008-5422

HistoryDec 11, 2008 - 3:30 p.m.

CVE-2008-5422

2008-12-1115:30:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2008-5422

sun ray server

software security

remote access

6.7 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.8%

JSON

Sun Sun Ray Server Software 3.1 through 4.0 does not properly restrict access, which allows remote attackers to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors.

Affected configurations

NVD

Node

sunray_server_softwareMatch3.0sparc

sunray_server_softwareMatch3.1sparc

sunray_server_softwareMatch4.0sparc

AND

sunsolarisMatch8sparc

sunsolarisMatch9sparc

sunsolarisMatch10sparc

Node

sunray_server_softwareMatch3.1x86

sunray_server_softwareMatch4.0x86

AND

sunsolarisMatch10x86

Node

sunray_server_softwareMatch3.1.1linux

sunray_server_softwareMatch4.0linux

AND

novellsuse_linux_enterprise_serverMatch9

redhatenterprise_linuxMatch4advanced_server

Node

sunray_server_softwareMatch3.0linux

sunray_server_softwareMatch3.1linux

AND

sunjava_desktop_systemMatch2.0

novellsuse_linux_enterprise_serverMatch8

redhatenterprise_linuxMatch3advanced_server

CPENameOperatorVersion
sun:ray_server_softwaresun ray server softwareeq3.0
sun:ray_server_softwaresun ray server softwareeq3.1
sun:ray_server_softwaresun ray server softwareeq4.0

CPE	Name	Operator	Version
sun:ray_server_software	sun ray server software	eq	3.0
sun:ray_server_software	sun ray server software	eq	3.1
sun:ray_server_software	sun ray server software	eq	4.0

References

secunia.com/advisories/33108

sunsolve.sun.com/search/document.do?assetkey=1-21-127553-04-1

sunsolve.sun.com/search/document.do?assetkey=1-26-240365-1

support.avaya.com/elmodocs2/security/ASA-2008-502.htm

www.securityfocus.com/bid/32769

www.securitytracker.com/id?1021383

www.vupen.com/english/advisories/2008/3406

exchange.xforce.ibmcloud.com/vulnerabilities/47253

6.7 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.8%

JSON

Related for CVE-2008-5422

nessus2 prion1 cvelist1 nvd1