Description
Sun Ray Server Software 4.1 on Solaris 10, when Automatic Multi-Group Hotdesking (AMGH) is enabled, responds to a logout action by immediately logging the user in again, which makes it easier for physically proximate attackers to obtain access to a session by going to an unattended DTU device.
References (2)
Core 2
Core References
Patch x_refsource_confirm
http://sunsolve.sun.com/search/document.do?assetkey=1-21-139548-03-1
Patch, Vendor Advisory vendor-advisory
x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-66-268228-1
Scores
EPSS
0.0005
EPSS Percentile
15.9%
Details
CWE
CWE-264
Status
published
Products (1)
sun/ray_server_software
4.1 (2 CPE variants)
Published
Dec 14, 2009
Tracked Since
Feb 18, 2026