Access Control Vulnerability in Sun Ray Server Software by Sun Microsystems
CVE-2008-5422

Currently unrated

Key Information:

Vendor

Oracle
Status
Ray Server Software
Vendor
CVE Published:
11 December 2008

What is CVE-2008-5422?

The Sun Ray Server Software versions 3.1 through 4.0 has a vulnerability that fails to adequately restrict access control. This flaw potentially allows remote attackers to exploit unspecified vectors to discover the administrator password. Once compromised, attackers can gain unauthorized access to the Data Store and the Administration GUI, leading to serious security breaches. Administrators are advised to implement additional security measures to protect sensitive credentials and access points.

References

http://support.avaya.com/elmodocs2/security/ASA-2008-502.htm
x_refsource_CONFIRM
http://secunia.com/advisories/33108
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/32769
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2008-5422 : Access Control Vulnerability in Sun Ray Server Software by Sun Microsystems