CVE-2017-3510

Summary

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel Zones virtualized NIC driver). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise Solaris. While the vulnerability is in Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Solaris accessible data. CVSS 3.0 Base Score 7.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N).

Impact & exploitability

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N

Affected products we track (1)

Recommendation

Apply the vendor fix promptly. Open any affected product above for its exact safe version.

Official patch: http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html ↗

Additional information

• NVD record
• http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.htmlPatch
• http://www.securityfocus.com/bid/97813Advisory
• http://www.securitytracker.com/id/1038292