Oracle Integrated Lights Out Manager Vulnerability in Sun Systems Products Suite
CVE-2017-10260
7.5HIGH
Key Information:
- Vendor
- Oracle
- Vendor
- CVE Published:
- 19 October 2017
Summary
A security vulnerability exists in the Oracle Integrated Lights Out Manager (ILOM) found in Oracle Sun Systems Products Suite. This flaw allows unauthenticated attackers with network access via HTTP to exploit the system, leading to the potential for unauthorized control over the ILOM. Successful exploitation may result in a denial of service, causing the ILOM to hang or crash repeatedly. Organizations using affected versions prior to 3.2.6 should address this vulnerability promptly to safeguard their systems.
Affected Version(s)
SSM - (hot-tamale) ILOM: Integrated Lights Out Manager < 3.2.6
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved