Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2017-3622Corporation Solaris Operating System vulnerability

8 documents7 sources
Severity
7.8HIGHNVD
EPSS
19.6%
top 4.58%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Oracle Corporation Solaris Operating SystemOracle Solaris
Timeline
PublishedApr 24
Latest updateMay 13

Description

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Common Desktop Environment (CDE)). The supported version that is affected is 10. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks of this vulnerability can result in takeover of Solaris. Note: CVE-2017-3622 is assigned for the "Extremeparr". CVSS 3.0 Base Score 7.8 (Confidentiality, Integrity

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

3
GHSA
GHSA-j6c4-cg47-wc3x: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Common Desktop Environment (CDE))2022-05-13
CVEList
CVE-2017-3622: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Common Desktop Environment (CDE))2017-04-24
VulnCheck
Oracle Sun Systems Products Suite Solaris Common Desktop Environment (CDE) Vulnerability2017

💥Exploits & PoCs

2
Exploit-DB
Solaris - 'EXTREMEPARR' dtappgather Privilege Escalation (Metasploit)2018-09-25
Metasploit
Solaris 'EXTREMEPARR' dtappgather Privilege Escalation

🕵️Threat Intelligence

2
Qualys
Oracle Plugs Struts and Shadow Brokers hole along with 299 Total Vulnerabilities2017-04-18
Qualys
Oracle Plugs Struts and Shadow Brokers hole along with 299 Total Vulnerabilities | Qualys2017-04-18
CVE-2017-3622 — HIGH severity | cvebase