PT-2019-3578 · Oracle · Oracle Solaris+1

Marco Ivaldi · Published 2019-10-15 · Updated 2025-04-15 · CVE-2019-3010

CVSS v3.1: 8.8 High
Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Oracle Solaris version 11

Description: The issue is related to a component called XScreenSaver in the Oracle Solaris operating system, which has inadequate access control. This can be exploited by an attacker to gain full control over the system. The vulnerability is easily exploitable and can be used by a low-privileged attacker with logon access to the infrastructure where Oracle Solaris is executed. Successful attacks can result in the takeover of Oracle Solaris and may also impact additional products.

Recommendations: For Oracle Solaris version 11, apply the official fix to resolve the issue. As a temporary workaround, consider disabling the XScreenSaver component until a patch is available. Restrict access to the XScreenSaver component to minimize the risk of exploitation.

Related Identifiers

BDU:2019-03783
CVE-2019-3010

Affected Products

Oracle Solaris
Xscreensaver