CVE-2022-21446

Name of the Vulnerable Software and Affected Versions Oracle Solaris version 11

Description The issue allows an unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris. Successful attacks can result in unauthorized creation, deletion, or modification access to critical data or all Oracle Solaris accessible data, as well as unauthorized read access to a subset of Oracle Solaris accessible data. This is due to insufficient input validation in the Utility component.

Recommendations For Oracle Solaris version 11, update to a version that addresses the insufficient input validation issue in the Utility component to prevent unauthorized access and data manipulation.