7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
6.3 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
50.4%
Sun Ray Server Software 4.0 and 4.1 does not generate a unique DSA private key for the firmware on each Sun Ray 1, 1g, 100, and 150 DTU device, which makes it easier for remote attackers to obtain sensitive information by predicting a key and then using it to decrypt sniffed network traffic.
CPE | Name | Operator | Version |
---|---|---|---|
sun:ray_server_software | sun ray server software | eq | 4.0 |
sun:ray_server_software | sun ray server software | eq | 4.1 |