CVE-2017-3582
Published Apr 24, 2017
Last updated 5 years ago
Overview
- Description
- Vulnerability in the Oracle SuperCluster Specific Software component of Oracle Sun Systems Products Suite (subcomponent: Backup/Restore Utility). Supported versions that are affected are 2.3.8 and 2.3.13. Easily "exploitable" vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle SuperCluster Specific Software executes to compromise Oracle SuperCluster Specific Software. Successful attacks of this vulnerability can result in takeover of Oracle SuperCluster Specific Software. CVSS 3.0 Base Score 8.4 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
- Source
- secalert_us@oracle.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 8.4
- Impact score
- 5.9
- Exploitability score
- 2.5
- Vector string
- CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 6.4
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:supercluster_specific_software:2.3.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "94B9E712-3BC6-4C9A-91B2-A0611B600E40"
},
{
"criteria": "cpe:2.3:a:oracle:supercluster_specific_software:2.3.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "83DBBE90-19EE-4754-A43F-5AEDB906F986"
}
],
"operator": "OR"
}
]
}
]