CVE-2023-22128

Name of the Vulnerable Software and Affected Versions Oracle Solaris versions 10 through 11

Description The issue allows an unauthenticated attacker with network access via rquota to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker and can result in unauthorized read access to a subset of Oracle Solaris accessible data.

Recommendations For versions 10 and 11, consider restricting access to the rquota service until a patch is available. As a temporary workaround, consider disabling the rquota service to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.