CVE-2023-22130

4 documents4 sources

Severity

5.9MEDIUM

EPSS

0.1%

top 77.08%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Corporation SUN ZFS Storage Appliance KIT (ak) Software Oracle SUN ZFS Storage Appliance KIT

Timeline

PublishedOct 17

Latest updateOct 18

Description

Vulnerability in the Sun ZFS Storage Appliance product of Oracle Systems (component: Core). The supported version that is affected is 8.8.60. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Sun ZFS Storage Appliance. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS …

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

▶NVDoracle/sun_zfs_storage_appliance_kit8.8.60

▶CVEListV5oracle_corporation/sun_zfs_storage_appliance_kit_(ak)_software8.8.60

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-mphg-9rp5-xxj5: Vulnerability in the Sun ZFS Storage Appliance product of Oracle Systems (component: Core)↗2023-10-18

▶

CVEList

CVE-2023-22130: Vulnerability in the Sun ZFS Storage Appliance product of Oracle Systems (component: Core)↗2023-10-17

▶

📋Vendor Advisories

Oracle

Oracle Oracle Systems Risk Matrix: Core — CVE-2023-22130↗2023-10-15

▶