Id:
CVE-2017-3510
Comment
:
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel Zones virtualized NIC driver). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise Solaris. While the vulnerability is in Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Solaris accessible data. CVSS 3.0 Base Score 7.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N).
CVSSv2 Score:
5.5
Access vector:
|
NETWORK
|
Access complexity:
|
LOW
|
Authentication:
|
SINGLE
|
Confidentiality impact:
|
PARTIAL
|
Integrity impact:
|
PARTIAL
|
Availability impact:
|
NONE
|
CVSSv2 Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:N
CVSSv3 Score:
9.6
Attack vector:
|
NETWORK
|
Attack complexity:
|
LOW
|
Privileges required:
|
LOW
|
User interaction:
|
NONE
|
Scope:
|
CHANGED
|
Confidentiality impact:
|
HIGH
|
Integrity impact:
|
HIGH
|
Availability impact:
|
NONE
|
CVSSv3 Vector:
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
References: