Exploitable Vulnerability in ZFS Storage Appliance Kit by Oracle
CVE-2018-2916

2.7LOW

Key Information:

Vendor
Oracle
Status
Sun Zfs Storage Appliance Kit (ak) Software
Vendor
CVE Published:
18 July 2018

Summary

A vulnerability exists in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite. The issue affects versions prior to 8.7.18 and permits high-privileged attackers with network access to exploit the system through various protocols. Successful exploitation may lead to unauthorized actions that can cause a partial denial of service, impacting the availability of the service. Organizations using affected versions should prioritize patching to mitigate risks associated with unauthorized network access.

Affected Version(s)

Sun ZFS Storage Appliance Kit (AK) Software < 8.7.18

References

http://www.securityfocus.com/bid/104783
vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1041303
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
2.7
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.