VYPR
Unrated severityNVD Advisory· Published Aug 18, 2009· Updated Jun 16, 2026

CVE-2009-2856

CVE-2009-2856

Description

Sun Virtual Desktop Infrastructure (VDI) 3.0, when anonymous binding is enabled, does not properly handle a client's attempt to establish an authenticated and encrypted connection, which might allow remote attackers to read cleartext VDI configuration-data requests by sniffing LDAP sessions on the network.

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.