1. Home
  2. CVE Database
  3. CVE-2008-5423
MEDIUM · 4.3

CVE-2008-5423

Sun Sun Ray Server Software 3.x and 4.0 and Sun Ray Windows Connector 1.1 and 2.0 expose the LDAP password during a configuration step, which allows local users to discover the Sun Ray administration ...

Vulnerability Description

Sun Sun Ray Server Software 3.x and 4.0 and Sun Ray Windows Connector 1.1 and 2.0 expose the LDAP password during a configuration step, which allows local users to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors related to the utconfig component of the Server Software and the uttscadm component of the Windows Connector.

CVSS Score

4.3

MEDIUM

AV:L/AC:L/Au:S/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
SunRay Server Software3.0
SunSolaris8
SunRay Windows Connector1.1
NovellSuse Linux Enterprise Server9
RedhatEnterprise Linux4
SunJava Desktop System2.0

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2008-5423?

CVE-2008-5423 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Sun Sun Ray Server Software 3.x and 4.0 and Sun Ray Windows Connector 1.1 and 2.0 expose the LDAP password during a configuration step, which allows local users to discover the Sun Ray administration ...

How severe is CVE-2008-5423?

CVE-2008-5423 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2008-5423?

Check the references section above for vendor advisories and patch information. Affected products include: Sun Ray Server Software, Sun Solaris, Sun Ray Windows Connector, Novell Suse Linux Enterprise Server, Redhat Enterprise Linux.