PT-2023-2542 · Oracle · Oracle Solaris

Jean-Michel Huguet

Publicado

2023-04-18

Atualizado

2024-09-16

CVE-2023-21985

CVSS v3.1

7.7

Alta

Vetor

AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Oracle Solaris versions 10 and 11

Description The issue is related to errors in processing input data in the Utility component of Oracle Solaris. Exploitation of this issue can allow an attacker to execute arbitrary code. Successful attacks require human interaction from a person other than the attacker and may significantly impact additional products. The issue can result in the takeover of Oracle Solaris.

Recommendations For Oracle Solaris versions 10 and 11, there is no information about a newer version that contains a fix for this vulnerability.

Improper Access Control

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284CWE-20

Identificadores relacionados

BDU:2023-02345

CVE-2023-21985

Produtos afetados

Oracle Solaris

PT-2023-2542 · Oracle · Oracle Solaris

CVE-2023-21985

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5