Remote Authentication Vulnerability in Oracle Sun Systems Products Suite
CVE-2016-5457

8.8HIGH

Key Information:

Vendor
Oracle
Status
Integrated Lights Out Manager Firmware
Vendor
CVE Published:
21 July 2016

Summary

A vulnerability in the ILOM component of Oracle Sun Systems Products Suite allows malicious remote authenticated users to compromise the confidentiality, integrity, and availability of the affected system. This vulnerability arises from insufficient protections related to the LUMAIN interface, which could be exploited to execute unauthorized actions on the system.

References

http://www.securitytracker.com/id/1036408
vdb-entryx_refsource_SECTRACK
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/91787
vdb-entryx_refsource_BID

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.