CVE-2018-3270

EUVD-2018-15124

17.10.2018, 01:31

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Solaris. CVSS 3.0 Base Score 1.8 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:L).

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	1.8 LOW	LOCAL	HIGH	HIGH	CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:L

Base Score

CVSS 3.x

EPSS Score

Percentile: 33%

Affected Products (NVD)

Vendor	Product	Version
oracle	solaris	11.3

𝑥

= Vulnerable software versions

References

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

http://www.securityfocus.com/bid/105605

http://www.securitytracker.com/id/1041895

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

http://www.securityfocus.com/bid/105605

http://www.securitytracker.com/id/1041895