ID CVE-2018-2917
Summary Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: API frameworks). The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Sun ZFS Storage Appliance Kit (AK). Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Sun ZFS Storage Appliance Kit (AK). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:-:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:-:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:8.7.13:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:8.7.13:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
bid 104783
confirm http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
sectrack 1041303
Last major update 03-10-2019 - 00:03
Published 18-07-2018 - 13:29
Last modified 03-10-2019 - 00:03
Back to Top