Vulnerability in Sun ZFS Storage Appliance Kit by Oracle
CVE-2018-3057

8.2HIGH

Key Information:

Vendor

Oracle
Status
Sun Zfs Storage Appliance Kit (ak) Software
Vendor
CVE Published:
18 July 2018

What is CVE-2018-3057?

A vulnerability has been identified in the Sun ZFS Storage Appliance Kit (AK) component of Oracle's Sun Systems Products Suite. This issue allows a privileged attacker with access to the infrastructure where the kit operates to potentially compromise the service. Although the vulnerability is specific to the Sun ZFS Storage Appliance Kit (AK), successful exploitation may have significant repercussions on additional associated products, leading to unauthorized takeover of the affected system. The supported versions impacted are those prior to 8.7.18, heightening the need for immediate attention and remediation.

Affected Version(s)

Sun ZFS Storage Appliance Kit (AK) Software < 8.7.18

References

http://www.securityfocus.com/bid/104783
vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1041303
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.