← Zuruck zu CVEs
CVE-2019-3010
HIGHCISA KEV8.8
Beschreibung
Vulnerability in the Oracle Solaris product of Oracle Systems (component: XScreenSaver). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
CVE Details
CVSS v3.1 Bewertung8.8
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht10/16/2019
Zuletzt geandert10/27/2025
Quellekev
Honeypot-Sichtungen0
CISA KEV
HerstellerOracle
ProduktSolaris
SchwachstellennameOracle Solaris Privilege Escalation Vulnerability
KEV Aufnahmedatum2022-05-25
Behebungsfrist2022-06-15
Ransomware-NutzungUnknown
Betroffene Produkte
oracle:solaris
Referenzen
http://packetstormsecurity.com/files/154960/Solaris-xscreensaver-Privilege-Escalation.html(secalert_us@oracle.com)
http://seclists.org/fulldisclosure/2019/Oct/39(secalert_us@oracle.com)
http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html(secalert_us@oracle.com)
http://packetstormsecurity.com/files/154960/Solaris-xscreensaver-Privilege-Escalation.html(af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2019/Oct/39(af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-3010(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.