The VirtualBox 2.0.8 and 2.0.10 web service in Sun Virtual Desktop Infrastructure (VDI) 3.0 does not require authentication, which allows remote attackers to obtain unspecified access via vectors involving requests to an Apache HTTP Server.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:08
Type | Values Removed | Values Added |
---|---|---|
References | () http://sunsolve.sun.com/search/document.do?assetkey=1-21-141481-03-1 - Patch, Vendor Advisory | |
References | () http://sunsolve.sun.com/search/document.do?assetkey=1-66-268328-1 - | |
References | () http://www.securityfocus.com/bid/36917 - Patch | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/54136 - |
Information
Published : 2009-11-10 00:30
Updated : 2024-11-21 01:08
NVD link : CVE-2009-3923
Mitre link : CVE-2009-3923
CVE.ORG link : CVE-2009-3923
JSON object : View
Products Affected
sun
- virtualbox
- virtual_desktop_infrastructure
CWE
CWE-287
Improper Authentication