CVE Vulnerability

CVE-2008-5423

Sun Sun Ray Server Software 3.x and 4.0 and Sun Ray Windows Connector 1.1 and 2.0 expose the LDAP password during a configuration step, which allows local users to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors related to the utconfig component of the Server Software and the uttscadm component of the Windows Connector.

4.3 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 3.1 / Impact : 6.4

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Scope

References
Link Resource
http://www.securityfocus.com/bid/32772
http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-04-1 Patch
http://securitytracker.com/id?1021379
http://sunsolve.sun.com/search/document.do?assetkey=1-21-127556-03-1 Patch Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-240506-1 Patch
http://secunia.com/advisories/33108
http://secunia.com/advisories/33119
http://support.avaya.com/elmodocs2/security/ASA-2008-500.htm
http://www.vupen.com/english/advisories/2008/3407
http://www.vupen.com/english/advisories/2008/3406
https://exchange.xforce.ibmcloud.com/vulnerabilities/47258
Configurations

Configuration 1
Information

Published : 2008-12-11 03:30

Updated : 2018-10-30 04:25

NVD link : CVE-2008-5423

Mitre link : CVE-2008-5423

Products Affected
No products.
CWE
CWE-200