Unauthenticated Access Vulnerability in Oracle SuperCluster Software
CVE-2017-3582

8.4HIGH

Key Information:

Vendor
Oracle
Status
Supercluster Specific Software
Vendor
CVE Published:
24 April 2017

Summary

The vulnerability in Oracle SuperCluster Specific Software allows an unauthenticated attacker with access to the affected infrastructure to exploit the Backup/Restore Utility. By leveraging this weakness, attackers can effectively take control of the software, leading to potential breaches of confidentiality, integrity, and availability. This exposure emphasizes the need for securing network access and monitoring for suspicious activity to prevent exploitation.

Affected Version(s)

SuperCluster Specific Software 2.3.8

SuperCluster Specific Software 2.3.13

References

http://www.oracle.com/technetwork/security-advisory/cpuap...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1038292
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/97796
vdb-entryx_refsource_BID

CVSS V3.1

Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.