Executive Summary
Summary | |
---|---|
Title | Sun Alert 240365 Security Vulnerability in Sun Ray Server Software May Compromise the Sun Ray Administration Password |
Informations | |||
---|---|---|---|
Name | SUN-240365 | First vendor Publication | 2008-12-05 |
Vendor | Sun | Last vendor Modification | 2008-12-05 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Product: Sun Ray Server Software 3.1 Sun Ray Server Software 3.1.1 Sun Ray Server Software 4.0 A security vulnerability in Sun Ray Server Software may allow remote unprivileged users to gain access to the Sun Ray administration password, which in turn would allow unauthorized remote access to the Sun Ray Data Store and unauthorized access to the Sun Ray Administration GUI as the built-in 'admin' user. State: Resolved First released: 03-Dec-2008 |
Original Source
Url : http://blogs.sun.com/security/entry/sun_alert_240365_security_vulnerability |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-264 | Permissions, Privileges, and Access Controls |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
51175 | Sun Ray Server Software (SRSS) Unspecified Remote Admin Password Disclosure |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2008-12-17 | Name : The remote host is missing Sun Security Patch number 127553-08 File : solaris10_127553.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2013-02-06 19:08:17 |
|