CVE-2017-3632

Name of the Vulnerable Software and Affected Versions Oracle Sun Systems Products Suite (Solaris) versions 10 and 11

Description The issue is related to inadequate access control in the CDE Calendar subcomponent of the Solaris operating system. It allows an unauthenticated attacker with network access via TCP to compromise Solaris, potentially resulting in a takeover of the system.

Recommendations For versions 10 and 11, update to a version that includes the necessary security patches to address the inadequate access control in the CDE Calendar subcomponent. As a temporary workaround, consider restricting network access to the Solaris system via TCP to minimize the risk of exploitation.