AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2008-5422: Sun Sun Ray Server Software 3.1 through 4.0 does not properly restrict access, which allows remote attackers to discover

infovulnerability

security

Source: NVD/CVE DatabaseDecember 11, 2008CVE-2008-5422

Summary

Sun Ray Server Software versions 3.1 through 4.0 had a vulnerability where access controls were not properly enforced, allowing remote attackers (hackers accessing the system from elsewhere on a network) to discover the administration password and gain unauthorized access to the Data Store and Administration GUI (graphical user interface, the control panel for the system). The exact method of attack was not publicly detailed.

Vulnerability Details

CVSS Score

7.5

EPSS (30-day exploit probability)

EPSS: 1.3%

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-264

Original source: https://nvd.nist.gov/vuln/detail/CVE-2008-5422

First tracked: February 15, 2026 at 08:46 PM

Classified by LLM (prompt v3) · confidence: 95%