CVE-2009-4314

Published: Dec 14, 2009Modified: Apr 23, 2026

4.4

Vector

AV:L/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 3.4 / Impact: 6.4

Source: NVD

Description

Sun Ray Server Software 4.1 on Solaris 10, when Automatic Multi-Group Hotdesking (AMGH) is enabled, responds to a logout action by immediately logging the user in again, which makes it easier for physically proximate attackers to obtain access to a session by going to an unattended DTU device.

Affected (2)

Products: Sun: Ray Server Software

1 product

Ray Server Software

Configuration A

2 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Sun Ray Server Software	Version 4.1
Sun Ray Server Software	Version 4.1

Running on/with	Platform Versions
Sun Solaris	Version 10
Sun Solaris	Version 10

Related CWEs

References (4)

http://sunsolve.sun.com/search/document.do?assetkey=1-21-139548-03-1

Source: cve@mitre.org

Patch

http://sunsolve.sun.com/search/document.do?assetkey=1-66-268228-1

Source: cve@mitre.org

PatchVendor Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-21-139548-03-1

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://sunsolve.sun.com/search/document.do?assetkey=1-66-268228-1

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.