CVE-2023-21948
First published: Tue Apr 18 2023(Updated: )
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Core). The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
Credit: secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle Solaris SPARC | =10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this Oracle Solaris vulnerability?
The vulnerability ID is CVE-2023-21948.
What component of Oracle Systems is affected by this vulnerability?
This vulnerability affects the Core component of Oracle Solaris.
Which version of Oracle Solaris is affected by this vulnerability?
Oracle Solaris version 10 is affected by this vulnerability.
What is the severity rating of this vulnerability?
The severity rating of this vulnerability is high, with a CVSS score of 7.8.
How can an attacker exploit this vulnerability?
An attacker with low privileges and login access to the Oracle Solaris infrastructure can exploit this vulnerability.
- agent/type
- agent/author
- agent/severity
- agent/softwarecombine
- agent/references
- agent/first-publish-date
- agent/event
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/oracle
- canonical/oracle solaris sparc
- version/oracle solaris sparc/10