Sun Ray Server Software — known CVE vulnerabilities
Every CVE whose affected-product data names Sun Ray Server Software, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (15)
CVE-2009-4294 — CVSS 10.0 (critical): Unspecified vulnerability in the Authentication Manager (aka utauthd) in Sun Ray Server Software 4.0 and 4.1 allows remote attackers to…
CVE-2008-2112 — CVSS 8.5 (high): Unspecified vulnerability in Sun Ray Kiosk Mode 4.0 allows local and remote authenticated Sun Ray administrators to gain root privileges…
CVE-2007-6482 — CVSS 7.8 (high): Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in Sun Ray Server Software 2.0, 3.0, 3.1, and 3.1.1 allows remote…
CVE-2009-4295 — CVSS 7.8 (high): Sun Ray Server Software 4.0 and 4.1 does not generate a unique DSA private key for the firmware on each Sun Ray 1, 1g, 100, and 150 DTU…
CVE-2002-2036 — CVSS 7.5 (high): Sun Ray Server Software (SRSS) 1.3, when Non-Smartcard Mobility (NSCM) is enabled, allows remote attackers to login as another user by…
CVE-2008-5422 — CVSS 7.5 (high): Sun Sun Ray Server Software 3.1 through 4.0 does not properly restrict access, which allows remote attackers to discover the Sun Ray…
CVE-2007-6481 — CVSS 6.4 (medium): Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in Sun Ray Server Software 2.0, 3.0, 3.1, and 3.1.1 allows remote…
CVE-2007-0482 — CVSS 4.6 (medium): cgi-bin/main in Sun Ray Server Software 2.0 and 3.0 before 20070123 allows local users to obtain the utadmin password by reading a web…
CVE-2004-0701 — CVSS 4.6 (medium): Sun Ray Server Software (SRSS) 1.3 and 2.0 for Solaris 2.6, 7 and 8 does not properly detect a smartcard removal when the card is quickly…
CVE-2009-2491 — CVSS 4.4 (medium): The utaudiod daemon in Sun Ray Server Software (SRSS) 4.0, when Solaris Trusted Extensions is enabled, allows local users to access the…
CVE-2009-4314 — CVSS 4.4 (medium): Sun Ray Server Software 4.1 on Solaris 10, when Automatic Multi-Group Hotdesking (AMGH) is enabled, responds to a logout action by…
CVE-2008-5423 — CVSS 4.3 (medium): Sun Sun Ray Server Software 3.x and 4.0 and Sun Ray Windows Connector 1.1 and 2.0 expose the LDAP password during a configuration step…
CVE-2009-2489 — CVSS 2.1 (low): Unspecified vulnerability in the utdmsession program in Sun Ray Server Software (SRSS) 4.0 allows local users to access the sessions of…
CVE-2006-4049 — CVSS 2.1 (low): Unspecified vulnerability in the utxconfig utility in Sun Ray Server Software 3.x allows local users to create or overwrite arbitrary files…
CVE-2009-2490 — CVSS 1.9 (low): Unspecified vulnerability in the utaudiod daemon in Sun Ray Server Software (SRSS) 4.0, when Solaris Trusted Extensions is enabled, allows…