Vulnerability in Oracle Sun Systems Products Suite's Remote Console Application
CVE-2018-2566
Key Information:
- Vendor
- Oracle
- Vendor
- CVE Published:
- 18 January 2018
Summary
The vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite allows low privileged attackers with network access via TLS to exploit the system. While direct exploitation is notably challenging and requires human interaction from a separate user, successful attacks can lead to unauthorized alteration or deletion of critical data within ILOM. Additionally, the potential to gain full access to all data managed by the ILOM poses significant risks, potentially impacting other associated products. Addressing this vulnerability is crucial to safeguarding sensitive information against unauthorized access.
Affected Version(s)
SSM - (hot-tamale) ILOM: Integrated Lights Out Manager 3.x
SSM - (hot-tamale) ILOM: Integrated Lights Out Manager 4.x
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved