← volver
CVE-2017-3622

CVE-2017-3622

EPSS 5.3%
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Common Desktop Environment (CDE)). The supported version that is affected is 10. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks of this vulnerability can result in takeover of Solaris. Note: CVE-2017-3622 is assigned for the "Extremeparr". CVSS 3.0 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
Productos afectados
Oracle Corporation · Solaris Operating System
PoCs públicas encontradas2
cve_referencewww.exploit-db.com/exploits/45479/no verificadoexploitdbwww.exploit-db.com/exploits/45479no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.exploit-db.com/exploits/45479/http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.htmlhttp://www.securityfocus.com/bid/97774http://www.securitytracker.com/id/1038292