CVE-2017-10013

Name of the Vulnerable Software and Affected Versions Sun ZFS Storage Appliance Kit (AK) version 2013

Description The issue allows an unauthenticated attacker with network access via HTTP to compromise the Sun ZFS Storage Appliance Kit (AK). Successful attacks require human interaction from a person other than the attacker. While the vulnerability is in the Sun ZFS Storage Appliance Kit (AK), attacks may significantly impact additional products, potentially resulting in the takeover of the Sun ZFS Storage Appliance Kit (AK).

Recommendations For Sun ZFS Storage Appliance Kit (AK) version 2013, consider restricting access to the HTTP interface until a fix is available. As a temporary workaround, limit user interaction with the affected system to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.