CVE-2017-3498: Infoleak
First published: Mon Apr 24 2017(Updated: )
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Solaris accessible data. CVSS 3.0 Base Score 3.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).
Credit: secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle Solaris | =11.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-3498?
The severity of CVE-2017-3498 is categorized as low.
How do I fix CVE-2017-3498?
To fix CVE-2017-3498, apply the latest patches provided by Oracle for Solaris 11.3.
What components are affected by CVE-2017-3498?
CVE-2017-3498 affects the Solaris component of the Oracle Sun Systems Products Suite, specifically the kernel.
Who can exploit CVE-2017-3498?
CVE-2017-3498 can be exploited by low privileged attackers with logon access to the infrastructure where Solaris executes.
What version of Solaris is impacted by CVE-2017-3498?
The affected version of Solaris by CVE-2017-3498 is 11.3.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- collector/mitre-cve
- source/MITRE
- vendor/oracle
- canonical/oracle solaris
- version/oracle solaris/11.3