CVE-2004-0701

3 documents3 sources

Severity

4.6MEDIUM

EPSS

0.1%

top 77.03%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN RAY Server Software

Timeline

PublishedJul 27

Latest updateApr 29

Description

Sun Ray Server Software (SRSS) 1.3 and 2.0 for Solaris 2.6, 7 and 8 does not properly detect a smartcard removal when the card is quickly removed, reinserted, and removed again, which could cause a user session to stay logged in and allow local users to gain unauthorized access.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

▶NVDsun/ray1.3, 2.0+1

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-c4rg-jcg2-4w8c: Sun Ray Server Software (SRSS) 1↗2022-04-29

▶

CVEList

CVE-2004-0701: Sun Ray Server Software (SRSS) 1↗2004-07-21

▶