CVE-2018-2917 — Vulnetix

CVE-2018-2917 PUBLISHED CVSS 5.300000190734863 MEDIUM

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: API frameworks). The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Sun ZFS Storage Appliance Kit (AK). Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Sun ZFS Storage Appliance Kit (AK). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).

EPSS 2.51% · 85.7th percentile

Risk Scores

CVSS 3.0

5.300000190734863

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

EPSS Score

2.51%

85.7th percentile

Affected Products

Vendor	Product	Versions
oracle	sun_zfs_storage_appliance_kit	0
Oracle Corporation	Sun ZFS Storage Appliance Kit (AK) Software	unspecified

Exploit Intelligence

（CVE-2015-7501）JBoss JMXInvokerServlet 反序列化漏洞 (github-poc)
（CVE-2015-7501）JBoss JMXInvokerServlet 反序列化漏洞 (github-poc)
（CVE-2015-7501）JBoss JMXInvokerServlet 反序列化漏洞 (github-poc)
（CVE-2015-7501）JBoss JMXInvokerServlet 反序列化漏洞 (github-poc)
104783 (circl)
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html (circl)
1041303 (circl)

Timeline

Jul 18, 2018 CVE Published
Apr 14, 2021 EPSS Score
Jun 23, 2021 EPSS Score
Aug 24, 2021 EPSS Score
Dec 27, 2021 EPSS Score
Feb 28, 2022 EPSS Score
May 2, 2022 EPSS Score
Jul 3, 2022 EPSS Score
Sep 5, 2022 EPSS Score
Nov 6, 2022 EPSS Score
Mar 7, 2023 EPSS Score
Mar 11, 2023 EPSS Score

References

104783 vdb
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html url
1041303 vdb
https://nvd.nist.gov/vuln/detail/CVE-2018-2917 advisory

Open in Interactive Console →