CVE-2008-7300

CWE-2643 documents3 sources

Severity

8.5HIGH

EPSS

0.3%

top 49.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN Opensolaris SUN Sunos

Timeline

PublishedOct 5

Latest updateMay 17

Description

The labeled networking implementation in Solaris Trusted Extensions in Sun Solaris 10 and OpenSolaris snv_39 through snv_67, when a labeled zone is in the installed state, allows remote authenticated users to bypass a Mandatory Access Control (MAC) policy and obtain access to the global zone.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 6.8 | Impact: 10.0

Affected Packages2 packages

▶NVDsun/opensolaris5 versions+4

▶NVDsun/sunos5.10

🔴Vulnerability Details

GHSA

GHSA-cwhj-8r87-52jv: The labeled networking implementation in Solaris Trusted Extensions in Sun Solaris 10 and OpenSolaris snv_39 through snv_67, when a labeled zone is in↗2022-05-17

▶

CVEList

CVE-2008-7300: The labeled networking implementation in Solaris Trusted Extensions in Sun Solaris 10 and OpenSolaris snv_39 through snv_67, when a labeled zone is in↗2011-10-05

▶