Vulnerability Description
Sun Ray Server Software 4.1 on Solaris 10, when Automatic Multi-Group Hotdesking (AMGH) is enabled, responds to a logout action by immediately logging the user in again, which makes it easier for physically proximate attackers to obtain access to a session by going to an unattended DTU device.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sun | Ray Server Software | 4.1 |
| Sun | Solaris | 10 |
Related Weaknesses (CWE)
References
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-139548-03-1Patch
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-268228-1PatchVendor Advisory
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-139548-03-1Patch
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-268228-1PatchVendor Advisory
FAQ
What is CVE-2009-4314?
CVE-2009-4314 is a vulnerability with a CVSS score of 4.4 (MEDIUM). Sun Ray Server Software 4.1 on Solaris 10, when Automatic Multi-Group Hotdesking (AMGH) is enabled, responds to a logout action by immediately logging the user in again, which makes it easier for phys...
How severe is CVE-2009-4314?
CVE-2009-4314 has been rated MEDIUM with a CVSS base score of 4.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-4314?
Check the references section above for vendor advisories and patch information. Affected products include: Sun Ray Server Software, Sun Solaris.