CVE Vulnerability

CVE-2022-21610

Vulnerability in the Oracle Solaris product of Oracle Systems (component: LDoms). The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Solaris accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Solaris. CVSS 3.1 Base Score 3.3 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L).

3.3 /10

CVSS v3.0 : LOW

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 2.5

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://www.oracle.com/security-alerts/cpuoct2022.html Patch Vendor Advisory
Configurations

Configuration 1

cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*
Information

Published : 2022-10-18 09:15

Updated : 2022-10-20 04:44

NVD link : CVE-2022-21610

Mitre link : CVE-2022-21610

Products Affected
No products.
CWE
NVD-CWE-noinfo