CVE-2009-3923

The VirtualBox 2.0.8 and 2.0.10 web service in Sun Virtual Desktop Infrastructure (VDI) 3.0 does not require authentication, which allows remote attackers to obtain unspecified access via vectors involving requests to an Apache HTTP Server.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 69%
VendorProductVersion
sunvirtual_desktop_infrastructure
3.0
sunvirtualbox
2.0.8
sunvirtualbox
2.0.10
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://sunsolve.sun.com/search/document.do?assetkey=1-21-141481-03-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-268328-1
http://www.securityfocus.com/bid/36917
https://exchange.xforce.ibmcloud.com/vulnerabilities/54136
http://sunsolve.sun.com/search/document.do?assetkey=1-21-141481-03-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-268328-1
http://www.securityfocus.com/bid/36917
https://exchange.xforce.ibmcloud.com/vulnerabilities/54136