CVE-2019-3010 — Vulnetix

CVE-2019-3010 PUBLISHED KEV CVSS 4.599999904632568 MEDIUM

Vulnerability in the Oracle Solaris product of Oracle Systems (component: XScreenSaver). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).

EPSS 53.48% · 98.0th percentile

Risk Scores

CVSS 2.0

4.599999904632568

EPSS Score

53.48%

98.0th percentile

Affected Products

Vendor	Product	Versions
Oracle Corporation	Solaris Operating System	11
oracle	solaris	11

Exploit Intelligence

Reproduction of privilege escalation breach CVE-2019-3010 (github-poc)
Reproduction of privilege escalation breach CVE-2019-3010 (github-poc)
Reproduction of privilege escalation breach CVE-2019-3010 (github-poc)
Reproduction of privilege escalation breach CVE-2019-3010 (github-poc)
Reproduction of privilege escalation breach CVE-2019-3010 (github-poc)
http://packetstormsecurity.com/files/154960/Solaris-xscreensaver-Privilege-Escalation.html (nist-nvd)
CIRCL seen: CVE-2019-3010 (circl-sighting)
CIRCL seen: CVE-2019-3010 (circl-sighting)
CIRCL exploited: CVE-2019-3010 (circl-sighting)
CIRCL seen: CVE-2019-3010 (circl-sighting)

…and 18 more exploits

Timeline

Oct 16, 2019 CVE Published
Oct 20, 2019 PoC Published
Oct 23, 2019 PoC Published
Apr 14, 2021 EPSS Score
Sep 14, 2021 EPSS Score
Feb 4, 2022 EPSS Score
May 25, 2022 CISA KEV Added
Mar 7, 2023 EPSS Score
Jun 14, 2023 PoC Published
Dec 24, 2024 PoC Published
Feb 6, 2025 PoC Published
Feb 23, 2025 PoC Published

References

Open in Interactive Console →