CVE-2017-10036

Name of the Vulnerable Software and Affected Versions Oracle Sun Systems Products Suite (Solaris component) versions 10 and 11

Description The issue is related to a vulnerability in the NFSv4 protocol of the Solaris operating system, which is associated with inadequate access control. This vulnerability can be easily exploited by an unauthenticated attacker with network access via NFSv4, allowing them to compromise Solaris. Successful attacks can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete denial of service) of Solaris.

Recommendations For versions 10 and 11, consider restricting access to the NFSv4 protocol to minimize the risk of exploitation until a patch is available. As a temporary workaround, consider disabling the NFSv4 service until a fix is provided.