CVE-2017-3582

EPSS 0.2%
Published 24.04.2017 19:59:05
Last modified 20.04.2025 01:37:25
Source secalert_us@oracle.com
Teams watchlist Login
Open Login

Vulnerability in the Oracle SuperCluster Specific Software component of Oracle Sun Systems Products Suite (subcomponent: Backup/Restore Utility). Supported versions that are affected are 2.3.8 and 2.3.13. Easily "exploitable" vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle SuperCluster Specific Software executes to compromise Oracle SuperCluster Specific Software. Successful attacks of this vulnerability can result in takeover of Oracle SuperCluster Specific Software. CVSS 3.0 Base Score 8.4 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Affected products Warnungen 0 Metrics 3 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Oracle ≫ Supercluster Specific Software Version2.3.8

Oracle ≫ Supercluster Specific Software Version2.3.13

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.2%	0.389

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.4	2.5	5.9	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html

Patch

Vendor Advisory

http://www.securitytracker.com/id/1038292

http://www.securityfocus.com/bid/97796

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-3582

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-3582

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-3582

EUVD