CVE-2017-3585

Name of the Vulnerable Software and Affected Versions Oracle Sun Systems Products Suite versions AK 2013

Description The issue affects the User Interface subsystem of the Sun ZFS Storage Appliance Kit (AK) component, allowing an unauthenticated attacker with network access via HTTP to compromise the system. This can result in unauthorized access to update, insert, or delete some of the accessible data.

Recommendations For version AK 2013, update to a version that addresses this issue, however, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the User Interface subsystem to minimize the risk of exploitation.