CVE-2008-5423
Published Dec 11, 2008
Last updated 6 years ago
Overview
- Description
- Sun Sun Ray Server Software 3.x and 4.0 and Sun Ray Windows Connector 1.1 and 2.0 expose the LDAP password during a configuration step, which allows local users to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors related to the utconfig component of the Server Software and the uttscadm component of the Windows Connector.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 6.4
- Exploitability score
- 3.1
- Vector string
- AV:L/AC:L/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-200
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.0:*:sparc:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7D0CE9C1-18FF-4E85-B570-1A9771616559"
},
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.1:*:sparc:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "42C7BEE0-2BB5-4945-A352-380E6B89115F"
},
{
"criteria": "cpe:2.3:a:sun:ray_server_software:4.0:*:sparc:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CAE615D0-41D5-46DD-86D4-B226068C58A5"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:solaris:8:*:sparc:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "6DBDFD8C-371E-42D2-9635-D8CDD1775984"
},
{
"criteria": "cpe:2.3:o:sun:solaris:9:*:sparc:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "14CFA6D3-A611-4DF0-97AB-C30B79833DFA"
},
{
"criteria": "cpe:2.3:o:sun:solaris:10:*:sparc:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7FBA68F0-4577-46F5-A754-D365B6EFF872"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.1:*:x86:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6017DA4B-4B2C-4611-9DFC-25C4F429515C"
},
{
"criteria": "cpe:2.3:a:sun:ray_server_software:4.0:*:x86:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5B17D330-9E56-478F-A2C2-D4524B04CC5C"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:solaris:10:*:x86:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E79CFAA6-A08A-4C70-A3D9-B02C29A17FF2"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_windows_connector:1.1:*:sparc:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BF7DCDD7-B3F1-4350-ACEC-A2D6176C3C99"
},
{
"criteria": "cpe:2.3:a:sun:ray_windows_connector:2.0:*:sparc:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C672780-F3E2-4EA3-B577-BB3FF8567AE1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.1:*:sparc:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "42C7BEE0-2BB5-4945-A352-380E6B89115F"
},
{
"criteria": "cpe:2.3:a:sun:ray_server_software:4.0:*:sparc:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CAE615D0-41D5-46DD-86D4-B226068C58A5"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_windows_connector:1.1:*:x86:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F8A8665A-796E-4209-B76B-13461E9BC88A"
},
{
"criteria": "cpe:2.3:a:sun:ray_windows_connector:2.0:*:x86:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3998743C-A5B6-4751-9CE7-B964D52B21FD"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.1:*:x86:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6017DA4B-4B2C-4611-9DFC-25C4F429515C"
},
{
"criteria": "cpe:2.3:a:sun:ray_server_software:4.0:*:x86:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5B17D330-9E56-478F-A2C2-D4524B04CC5C"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_windows_connector:1.1:*:linux:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AE37C26E-746B-4939-A80E-1DC80D78EB83"
},
{
"criteria": "cpe:2.3:a:sun:ray_windows_connector:2.0:*:linux:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "328EAA35-CBAC-4D12-974A-E2934753D0B5"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.1.1:*:linux:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD210ED7-C05B-45D2-BE3F-19ED9E8AB274"
},
{
"criteria": "cpe:2.3:a:sun:ray_server_software:4.0:*:linux:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2621BD59-0ED4-402E-98EB-0F643078F4CB"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.1.1:*:linux:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD210ED7-C05B-45D2-BE3F-19ED9E8AB274"
},
{
"criteria": "cpe:2.3:a:sun:ray_server_software:4.0:*:linux:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2621BD59-0ED4-402E-98EB-0F643078F4CB"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:9:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "18BE709B-6EEB-489D-B982-6D0D978D1D20"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4:*:advanced_server:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0D89C3A6-C174-4D55-8DB8-343627516967"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.0:*:linux:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1E517321-3661-4C8C-9404-E90933FD10D4"
},
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.1:*:linux:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "11873A8B-1C1F-4AD8-86AE-B3AEB58F58CE"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F5537D6C-7700-4818-93F7-4449049DF131"
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:8:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "03633A39-A07A-41B1-BF47-3DA3591F7896"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3:*:advanced_server:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "80220C9F-4E73-448C-8E2E-F1AECAD56419"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]