CVE-2019-2544

Name of the Vulnerable Software and Affected Versions Oracle Solaris versions 10 and 11

Description The issue is related to inadequate access control in the Oracle Solaris kernel, allowing an unauthenticated attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. This can result in unauthorized read access to a subset of Oracle Solaris accessible data.

Recommendations For Oracle Solaris version 10, update to a version that includes the necessary security patches to address the inadequate access control issue. For Oracle Solaris version 11, apply the relevant security fixes to mitigate the risk of unauthorized data access. As a temporary workaround, consider restricting access to sensitive data and infrastructure to minimize the risk of exploitation.