PT-2020-1407 · Oracle · Oracle Solaris

Published

2020-01-14

Updated

2022-07-28

CVE-2020-2647

CVSS v3.1

5.0

Medium

Vector

AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Oracle Solaris versions 10 and 11

Description The issue is related to insufficient access control in the kernel of Oracle Solaris, allowing a low-privileged attacker with logon access to the infrastructure to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker and can result in the unauthorized ability to cause a hang or frequently repeatable crash of Oracle Solaris, leading to a denial of service.

Recommendations For Oracle Solaris version 10, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Oracle Solaris version 11, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

BDU:2020-00380

CVE-2020-2647

Affected Products

Oracle Solaris

PT-2020-1407 · Oracle · Oracle Solaris

CVE-2020-2647

Weakness Enumeration

Related Identifiers

Affected Products

References · 5