CVE-2023-21985 in Solarisالمعلومات

الملخص

بحسب MITRE • 18/04/2023

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Solaris, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.1 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H).

If you want to get best quality of vulnerability data, you may have to visit VulDB.

مسؤول

Oracle

حجز

17/12/2022

إفشاء

18/04/2023

الاعتدال

تمت الموافقة

إدخال

VDB-226724

EPSS

0.00228

KEV

لا

النشاطات

منخفض جدًا

المصادر

Interested in the pricing of exploits?

See the underground prices here!