CVE-2018-2754 — Corporation Solaris Operating System vulnerability

3 documents3 sources

Severity

7.7HIGHNVD

EPSS

0.2%

top 58.01%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Corporation Solaris Operating System Oracle Solaris

Timeline

PublishedApr 19

Latest updateMay 13

Description

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: ZVNET Driver). The supported version that is affected is 11.3. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Solaris accessible data and unauthorized ability to cause a hang or …

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:HExploitability: 2.5 | Impact: 5.2

Affected Packages2 packages

▶NVDoracle/solaris11.3

▶CVEListV5oracle_corporation/solaris_operating_system11.3

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-p9wm-69xp-mc26: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: ZVNET Driver)↗2022-05-13

▶

CVEList

CVE-2018-2754: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: ZVNET Driver)↗2018-04-19

▶