cvelistv5 - cve-2018-2568

CVE-2018-2568 (GCVE-0-2018-2568)

Vulnerability from cvelistv5 – Published: 2018-01-18 02:00 – Updated: 2024-10-03 20:46

Summary

Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). Supported versions that are affected are 3.x and 4.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).

Severity ?

No CVSS data available.

CWE

Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Integrated Lights Out Manager (ILOM).

Assigner

oracle

References

URL

Tags

	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1040205	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/102606	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	Oracle Corporation	SSM - (hot-tamale) ILOM: Integrated Lights Out Manager	Affected: 3.x Affected: 4.x

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T04:21:34.402Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "name": "1040205",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040205"
          },
          {
            "name": "102606",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102606"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-2568",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-03T19:12:24.088409Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-03T20:46:16.343Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SSM - (hot-tamale) ILOM: Integrated Lights Out Manager",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "3.x"
            },
            {
              "status": "affected",
              "version": "4.x"
            }
          ]
        }
      ],
      "datePublic": "2018-01-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). Supported versions that are affected are 3.x and 4.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM).  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as  unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Integrated Lights Out Manager (ILOM).",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-18T10:57:01",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
        },
        {
          "name": "1040205",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040205"
        },
        {
          "name": "102606",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102606"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2018-2568",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SSM - (hot-tamale) ILOM: Integrated Lights Out Manager",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "3.x"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "4.x"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Oracle Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). Supported versions that are affected are 3.x and 4.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM).  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as  unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Integrated Lights Out Manager (ILOM)."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
            },
            {
              "name": "1040205",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040205"
            },
            {
              "name": "102606",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102606"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2018-2568",
    "datePublished": "2018-01-18T02:00:00",
    "dateReserved": "2017-12-15T00:00:00",
    "dateUpdated": "2024-10-03T20:46:16.343Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8218EEAF-741B-4DD3-BF54-9AACAB7DA8C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"86AEC358-C42A-431C-B283-931BF3BD225C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE14594A-C236-4CF9-B173-E0F867A8946F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"15D325AA-1082-43FE-A9A0-17C029A410D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AAABBA80-3BC0-4AFE-AD7F-B3E39B2B0D44\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD754216-4904-4A76-8FD3-C05B63E50467\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"405261BB-E89B-4BDF-A2F1-B216E687F761\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"194E1924-7ED1-4D04-9D19-121712401DF7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8525C3C-70F4-4141-8CF4-FFA28B460D7B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D158DF9D-73B1-4610-8DD6-79980D106F33\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C61D0456-5E1B-4063-A245-26527AB7200D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FBE9D350-ED6A-44F2-83B6-2553C4FC5976\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11D900B9-5EF2-41DA-A158-A20960EFC3E9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F638C61F-E22E-4CA5-ADCB-874441208E92\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16625608-5E60-4BFC-B0C1-B377DB95ED15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4E71D5F-39B2-4EEB-9148-D5FAB7E2C07C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4FB08252-BD62-4408-83F1-135D6CA8789C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"00B47785-37CB-473A-A0C4-0DE6D04DB760\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"12AD61B0-1C6B-4F8C-A238-56B12B8C40CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63CF76F4-EEA5-4E8E-AD0D-408FAFD64D33\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9ED2B616-C1AC-46F8-A12D-91CED6AB1586\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D858E652-4D60-40A0-8458-B5C8F5DC9794\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:4.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9782C736-0250-48D2-B104-C217F5F0AFAB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:4.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE6321A6-4B0A-4E50-B855-00D90D9BF68C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:4.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD96F14B-AB0C-4A51-8113-822CC45D0F0B\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). Supported versions that are affected are 3.x and 4.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad en el componente Integrated Lights Out Manager (ILOM) de Oracle Sun Systems Products Suite (subcomponente: Remote Console Application). Las versiones soportadas que se han visto afectadas son la 3.x y la 4.x. Una vulnerabilidad f\\u00e1cilmente explotable permite que un atacante que tenga acceso a red por TLS comprometa la seguridad de Integrated Lights Out Manager (ILOM). Los ataques exitosos a esta vulnerabilidad pueden resultar en el acceso no autorizado a la actualizaci\\u00f3n, inserci\\u00f3n o supresi\\u00f3n de algunos de los datos accesibles de Integrated Lights Out Manager (ILOM), as\\u00ed como el acceso de lectura sin autorizaci\\u00f3n a un subconjunto de datos accesibles de Integrated Lights Out Manager (ILOM). Adem\\u00e1s, esto puede dar lugar a que el atacante consiga provocar una denegaci\\u00f3n de servicio parcial (DoS parcial) de Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.3 (impactos en la confidencialidad, integridad y disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).\"}]",
      "id": "CVE-2018-2568",
      "lastModified": "2024-11-21T04:03:57.147",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\", \"baseScore\": 7.3, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-01-18T02:29:17.727",
      "references": "[{\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/102606\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1040205\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/102606\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1040205\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "secalert_us@oracle.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-2568\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2018-01-18T02:29:17.727\",\"lastModified\":\"2024-11-21T04:03:57.147\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). Supported versions that are affected are 3.x and 4.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad en el componente Integrated Lights Out Manager (ILOM) de Oracle Sun Systems Products Suite (subcomponente: Remote Console Application). Las versiones soportadas que se han visto afectadas son la 3.x y la 4.x. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante que tenga acceso a red por TLS comprometa la seguridad de Integrated Lights Out Manager (ILOM). Los ataques exitosos a esta vulnerabilidad pueden resultar en el acceso no autorizado a la actualizaci\u00f3n, inserci\u00f3n o supresi\u00f3n de algunos de los datos accesibles de Integrated Lights Out Manager (ILOM), as\u00ed como el acceso de lectura sin autorizaci\u00f3n a un subconjunto de datos accesibles de Integrated Lights Out Manager (ILOM). Adem\u00e1s, esto puede dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.3 (impactos en la confidencialidad, integridad y disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":3.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8218EEAF-741B-4DD3-BF54-9AACAB7DA8C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86AEC358-C42A-431C-B283-931BF3BD225C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE14594A-C236-4CF9-B173-E0F867A8946F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15D325AA-1082-43FE-A9A0-17C029A410D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AAABBA80-3BC0-4AFE-AD7F-B3E39B2B0D44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD754216-4904-4A76-8FD3-C05B63E50467\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"405261BB-E89B-4BDF-A2F1-B216E687F761\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"194E1924-7ED1-4D04-9D19-121712401DF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8525C3C-70F4-4141-8CF4-FFA28B460D7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D158DF9D-73B1-4610-8DD6-79980D106F33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C61D0456-5E1B-4063-A245-26527AB7200D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBE9D350-ED6A-44F2-83B6-2553C4FC5976\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11D900B9-5EF2-41DA-A158-A20960EFC3E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F638C61F-E22E-4CA5-ADCB-874441208E92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16625608-5E60-4BFC-B0C1-B377DB95ED15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4E71D5F-39B2-4EEB-9148-D5FAB7E2C07C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FB08252-BD62-4408-83F1-135D6CA8789C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00B47785-37CB-473A-A0C4-0DE6D04DB760\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12AD61B0-1C6B-4F8C-A238-56B12B8C40CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63CF76F4-EEA5-4E8E-AD0D-408FAFD64D33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9ED2B616-C1AC-46F8-A12D-91CED6AB1586\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D858E652-4D60-40A0-8458-B5C8F5DC9794\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9782C736-0250-48D2-B104-C217F5F0AFAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE6321A6-4B0A-4E50-B855-00D90D9BF68C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD96F14B-AB0C-4A51-8113-822CC45D0F0B\"}]}]}],\"references\":[{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/102606\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1040205\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/102606\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1040205\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1040205\", \"name\": \"1040205\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/102606\", \"name\": \"102606\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T04:21:34.402Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2018-2568\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-03T19:12:24.088409Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-03T19:12:49.934Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Oracle Corporation\", \"product\": \"SSM - (hot-tamale) ILOM: Integrated Lights Out Manager\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.x\"}, {\"status\": \"affected\", \"version\": \"4.x\"}]}], \"datePublic\": \"2018-01-03T00:00:00\", \"references\": [{\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securitytracker.com/id/1040205\", \"name\": \"1040205\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://www.securityfocus.com/bid/102606\", \"name\": \"102606\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). Supported versions that are affected are 3.x and 4.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM).  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as  unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Integrated Lights Out Manager (ILOM).\"}]}], \"providerMetadata\": {\"orgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"shortName\": \"oracle\", \"dateUpdated\": \"2018-01-18T10:57:01\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"3.x\", \"version_affected\": \"=\"}, {\"version_value\": \"4.x\", \"version_affected\": \"=\"}]}, \"product_name\": \"SSM - (hot-tamale) ILOM: Integrated Lights Out Manager\"}]}, \"vendor_name\": \"Oracle Corporation\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\", \"name\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.securitytracker.com/id/1040205\", \"name\": \"1040205\", \"refsource\": \"SECTRACK\"}, {\"url\": \"http://www.securityfocus.com/bid/102606\", \"name\": \"102606\", \"refsource\": \"BID\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). Supported versions that are affected are 3.x and 4.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM).  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as  unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Integrated Lights Out Manager (ILOM).\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2018-2568\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secalert_us@oracle.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2018-2568\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-03T20:46:16.343Z\", \"dateReserved\": \"2017-12-15T00:00:00\", \"assignerOrgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"datePublished\": \"2018-01-18T02:00:00\", \"assignerShortName\": \"oracle\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2018-AVI-038

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Oracle Sun Systems Products Suite. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	N/A	Integrated Lights Out Manager (ILOM) versions 3.x et 4.x
Oracle	N/A	Sun ZFS Storage Appliance Kit (AK) versions antérieures à 8.7.13
Oracle	N/A	Oracle X86 Servers versions SW 1.x et SW 2.x
Oracle	N/A	Solaris versions 10 et 11.3

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle cpujan2018-3236630 du 16 janvier 2018	None	vendor-advisory
Bulletin de sécurité Oracle cpujan2018verbose-3236630#SUNS du 16 janvier 2018	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Integrated Lights Out Manager (ILOM) versions 3.x et 4.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Sun ZFS Storage Appliance Kit (AK) versions ant\u00e9rieures \u00e0 8.7.13",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle X86 Servers versions SW 1.x et SW 2.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Solaris versions 10 et 11.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-2560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2560"
    },
    {
      "name": "CVE-2018-2717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2717"
    },
    {
      "name": "CVE-2018-2664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2664"
    },
    {
      "name": "CVE-2018-2577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2577"
    },
    {
      "name": "CVE-2018-2623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2623"
    },
    {
      "name": "CVE-2018-2624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2624"
    },
    {
      "name": "CVE-2018-2566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2566"
    },
    {
      "name": "CVE-2016-0704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0704"
    },
    {
      "name": "CVE-2018-2611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2611"
    },
    {
      "name": "CVE-2018-2578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2578"
    },
    {
      "name": "CVE-2018-2568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2568"
    },
    {
      "name": "CVE-2017-5715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5715"
    },
    {
      "name": "CVE-2018-2710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2710"
    }
  ],
  "links": [],
  "reference": "CERTFR-2018-AVI-038",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-01-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Sun Systems\nProducts Suite. Elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des\ndonn\u00e9es et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Sun Systems Products Suite",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2018-3236630 du 16 janvier 2018",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2018verbose-3236630#SUNS du 16 janvier 2018",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018verbose-3236630.html#SUNS"
    }
  ]
}

CERTFR-2018-AVI-038

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	N/A	Integrated Lights Out Manager (ILOM) versions 3.x et 4.x
Oracle	N/A	Sun ZFS Storage Appliance Kit (AK) versions antérieures à 8.7.13
Oracle	N/A	Oracle X86 Servers versions SW 1.x et SW 2.x
Oracle	N/A	Solaris versions 10 et 11.3

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle cpujan2018-3236630 du 16 janvier 2018	None	vendor-advisory
Bulletin de sécurité Oracle cpujan2018verbose-3236630#SUNS du 16 janvier 2018	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Integrated Lights Out Manager (ILOM) versions 3.x et 4.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Sun ZFS Storage Appliance Kit (AK) versions ant\u00e9rieures \u00e0 8.7.13",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle X86 Servers versions SW 1.x et SW 2.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Solaris versions 10 et 11.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-2560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2560"
    },
    {
      "name": "CVE-2018-2717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2717"
    },
    {
      "name": "CVE-2018-2664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2664"
    },
    {
      "name": "CVE-2018-2577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2577"
    },
    {
      "name": "CVE-2018-2623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2623"
    },
    {
      "name": "CVE-2018-2624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2624"
    },
    {
      "name": "CVE-2018-2566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2566"
    },
    {
      "name": "CVE-2016-0704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0704"
    },
    {
      "name": "CVE-2018-2611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2611"
    },
    {
      "name": "CVE-2018-2578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2578"
    },
    {
      "name": "CVE-2018-2568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2568"
    },
    {
      "name": "CVE-2017-5715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5715"
    },
    {
      "name": "CVE-2018-2710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2710"
    }
  ],
  "links": [],
  "reference": "CERTFR-2018-AVI-038",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-01-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Sun Systems\nProducts Suite. Elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des\ndonn\u00e9es et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Sun Systems Products Suite",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2018-3236630 du 16 janvier 2018",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2018verbose-3236630#SUNS du 16 janvier 2018",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018verbose-3236630.html#SUNS"
    }
  ]
}

FKIE_CVE-2018-2568

Vulnerability from fkie_nvd - Published: 2018-01-18 02:29 - Updated: 2024-11-21 04:03

Severity ?

7.3 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Summary

References

URL	Tags
secalert_us@oracle.com	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html	Patch, Vendor Advisory
secalert_us@oracle.com	http://www.securityfocus.com/bid/102606	Third Party Advisory, VDB Entry
secalert_us@oracle.com	http://www.securitytracker.com/id/1040205	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/102606	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1040205	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
oracle	integrated_lights_out_manager_firmware	3.0.0
oracle	integrated_lights_out_manager_firmware	3.0.3
oracle	integrated_lights_out_manager_firmware	3.0.4
oracle	integrated_lights_out_manager_firmware	3.0.6
oracle	integrated_lights_out_manager_firmware	3.0.8
oracle	integrated_lights_out_manager_firmware	3.0.9
oracle	integrated_lights_out_manager_firmware	3.0.10
oracle	integrated_lights_out_manager_firmware	3.0.12
oracle	integrated_lights_out_manager_firmware	3.0.14
oracle	integrated_lights_out_manager_firmware	3.0.16
oracle	integrated_lights_out_manager_firmware	3.1.0
oracle	integrated_lights_out_manager_firmware	3.1.1
oracle	integrated_lights_out_manager_firmware	3.1.2
oracle	integrated_lights_out_manager_firmware	3.2.0
oracle	integrated_lights_out_manager_firmware	3.2.1
oracle	integrated_lights_out_manager_firmware	3.2.2
oracle	integrated_lights_out_manager_firmware	3.2.4
oracle	integrated_lights_out_manager_firmware	3.2.5
oracle	integrated_lights_out_manager_firmware	3.2.6
oracle	integrated_lights_out_manager_firmware	3.2.7
oracle	integrated_lights_out_manager_firmware	3.2.8
oracle	integrated_lights_out_manager_firmware	3.2.9
oracle	integrated_lights_out_manager_firmware	4.0.0
oracle	integrated_lights_out_manager_firmware	4.0.1
oracle	integrated_lights_out_manager_firmware	4.0.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8218EEAF-741B-4DD3-BF54-9AACAB7DA8C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "86AEC358-C42A-431C-B283-931BF3BD225C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE14594A-C236-4CF9-B173-E0F867A8946F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D325AA-1082-43FE-A9A0-17C029A410D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAABBA80-3BC0-4AFE-AD7F-B3E39B2B0D44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD754216-4904-4A76-8FD3-C05B63E50467",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "405261BB-E89B-4BDF-A2F1-B216E687F761",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "194E1924-7ED1-4D04-9D19-121712401DF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8525C3C-70F4-4141-8CF4-FFA28B460D7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "D158DF9D-73B1-4610-8DD6-79980D106F33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C61D0456-5E1B-4063-A245-26527AB7200D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBE9D350-ED6A-44F2-83B6-2553C4FC5976",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "11D900B9-5EF2-41DA-A158-A20960EFC3E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F638C61F-E22E-4CA5-ADCB-874441208E92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "16625608-5E60-4BFC-B0C1-B377DB95ED15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4E71D5F-39B2-4EEB-9148-D5FAB7E2C07C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FB08252-BD62-4408-83F1-135D6CA8789C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "00B47785-37CB-473A-A0C4-0DE6D04DB760",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "12AD61B0-1C6B-4F8C-A238-56B12B8C40CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "63CF76F4-EEA5-4E8E-AD0D-408FAFD64D33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ED2B616-C1AC-46F8-A12D-91CED6AB1586",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "D858E652-4D60-40A0-8458-B5C8F5DC9794",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9782C736-0250-48D2-B104-C217F5F0AFAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE6321A6-4B0A-4E50-B855-00D90D9BF68C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD96F14B-AB0C-4A51-8113-822CC45D0F0B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). Supported versions that are affected are 3.x and 4.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad en el componente Integrated Lights Out Manager (ILOM) de Oracle Sun Systems Products Suite (subcomponente: Remote Console Application). Las versiones soportadas que se han visto afectadas son la 3.x y la 4.x. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante que tenga acceso a red por TLS comprometa la seguridad de Integrated Lights Out Manager (ILOM). Los ataques exitosos a esta vulnerabilidad pueden resultar en el acceso no autorizado a la actualizaci\u00f3n, inserci\u00f3n o supresi\u00f3n de algunos de los datos accesibles de Integrated Lights Out Manager (ILOM), as\u00ed como el acceso de lectura sin autorizaci\u00f3n a un subconjunto de datos accesibles de Integrated Lights Out Manager (ILOM). Adem\u00e1s, esto puede dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.3 (impactos en la confidencialidad, integridad y disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)."
    }
  ],
  "id": "CVE-2018-2568",
  "lastModified": "2024-11-21T04:03:57.147",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-01-18T02:29:17.727",
  "references": [
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/102606"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040205"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/102606"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040205"
    }
  ],
  "sourceIdentifier": "secalert_us@oracle.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2018-01954

Vulnerability from cnvd - Published: 2018-01-26

Title

Oracle Sun Systems Products Suite存在未明漏洞（CNVD-2018-01954）

Description

Oracle Sun Systems Products Suite是Sun系统产品包。 Oracle Sun Systems Products Suite的Integrated Lights Out Manager (ILOM)组件的Remote Console Application子组件存在未明漏洞。攻击者可利用该漏洞影响机密性、完整性及可用性。

Severity

高

Patch Name

Oracle Sun Systems Products Suite存在未明漏洞（CNVD-2018-01954）的补丁

Patch Description

Formal description

厂商已发布漏洞修复程序，请及时关注更新： http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

Reference

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

Impacted products

Name
['Oracle Sun Systems Products Suite 3.', 'Oracle Sun Systems Products Suite 4.']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "102606"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-2568"
    }
  },
  "description": "Oracle Sun Systems Products Suite\u662fSun\u7cfb\u7edf\u4ea7\u54c1\u5305\u3002\r\n\r\nOracle Sun Systems Products Suite\u7684Integrated Lights Out Manager (ILOM)\u7ec4\u4ef6\u7684Remote Console Application\u5b50\u7ec4\u4ef6\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5f71\u54cd\u673a\u5bc6\u6027\u3001\u5b8c\u6574\u6027\u53ca\u53ef\u7528\u6027\u3002",
  "discovererName": "Oracle",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttp://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-01954",
  "openTime": "2018-01-26",
  "patchDescription": "Oracle Sun Systems Products Suite\u662fSun\u7cfb\u7edf\u4ea7\u54c1\u5305\u3002\r\n\r\nOracle Sun Systems Products Suite\u7684Integrated Lights Out Manager (ILOM)\u7ec4\u4ef6\u7684Remote Console Application\u5b50\u7ec4\u4ef6\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5f71\u54cd\u673a\u5bc6\u6027\u3001\u5b8c\u6574\u6027\u53ca\u53ef\u7528\u6027\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Oracle Sun Systems Products Suite\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2018-01954\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Oracle Sun Systems Products Suite 3.*",
      "Oracle Sun Systems Products Suite 4.*"
    ]
  },
  "referenceLink": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
  "serverity": "\u9ad8",
  "submitTime": "2018-01-18",
  "title": "Oracle Sun Systems Products Suite\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2018-01954\uff09"
}

GSD-2018-2568

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-2568

Aliases

CVE-2018-2568

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-2568",
    "description": "Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). Supported versions that are affected are 3.x and 4.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).",
    "id": "GSD-2018-2568"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-2568"
      ],
      "details": "Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). Supported versions that are affected are 3.x and 4.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).",
      "id": "GSD-2018-2568",
      "modified": "2023-12-13T01:22:31.785912Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert_us@oracle.com",
        "ID": "CVE-2018-2568",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "SSM - (hot-tamale) ILOM: Integrated Lights Out Manager",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "3.x"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "4.x"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Oracle Corporation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). Supported versions that are affected are 3.x and 4.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM).  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as  unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Integrated Lights Out Manager (ILOM)."
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "name": "1040205",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1040205"
          },
          {
            "name": "102606",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/102606"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:4.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:4.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:4.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2018-2568"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). Supported versions that are affected are 3.x and 4.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
            },
            {
              "name": "1040205",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1040205"
            },
            {
              "name": "102606",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/102606"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.4
        }
      },
      "lastModifiedDate": "2019-10-03T00:03Z",
      "publishedDate": "2018-01-18T02:29Z"
    }
  }
}

GHSA-M4R5-CR22-679M

Vulnerability from github – Published: 2022-05-13 01:51 – Updated: 2022-05-13 01:51

Details

Severity ?

7.3 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-2568"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-01-18T02:29:00Z",
    "severity": "HIGH"
  },
  "details": "Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). Supported versions that are affected are 3.x and 4.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).",
  "id": "GHSA-m4r5-cr22-679m",
  "modified": "2022-05-13T01:51:20Z",
  "published": "2022-05-13T01:51:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2568"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/102606"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1040205"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

VAR-201801-1229

Vulnerability from variot - Updated: 2023-12-18 13:29

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201801-1229",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "oracle",
        "version": "3.0.3"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "oracle",
        "version": "3.0.9"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "oracle",
        "version": "3.0.0"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "oracle",
        "version": "3.0.6"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "oracle",
        "version": "3.0.14"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "oracle",
        "version": "3.0.10"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "oracle",
        "version": "3.0.12"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "oracle",
        "version": "3.0.8"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "oracle",
        "version": "3.0.4"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "oracle",
        "version": "3.0.16"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "oracle",
        "version": "3.2.5"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "oracle",
        "version": "3.2.4"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "oracle",
        "version": "3.2.6"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "3.2.9"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "4.0.2"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "3.1.2"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "4.0.0"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "3.2.8"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "4.0.1"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "3.1.1"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "3.2.0"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "3.1.0"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "3.2.1"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "3.2.7"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "3.2.2"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "oracle",
        "version": "3.x"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "oracle",
        "version": "4.x"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "4.0"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "3.0"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "3.2.3"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "3.2"
      },
      {
        "model": "integrated lights out manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "3.1"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "102606"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-001415"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-2568"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-784"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:4.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:4.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:4.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-2568"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Oracle",
    "sources": [
      {
        "db": "BID",
        "id": "102606"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2018-2568",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 7.5,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2018-2568",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-132599",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 3.9,
            "impactScore": 3.4,
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "Low",
            "baseScore": 7.3,
            "baseSeverity": "High",
            "confidentialityImpact": "Low",
            "exploitabilityScore": null,
            "id": "CVE-2018-2568",
            "impactScore": null,
            "integrityImpact": "Low",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-2568",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201801-784",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-132599",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2018-2568",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-132599"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-2568"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-001415"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-2568"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-784"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). Supported versions that are affected are 3.x and 4.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L). \nThe vulnerability can be exploited over the \u0027TLS\u0027 protocol. Attackers can take advantage of this vulnerability to read, update, insert or delete data without authorization, causing denial of service and affecting data confidentiality, availability and integrity",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-2568"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-001415"
      },
      {
        "db": "BID",
        "id": "102606"
      },
      {
        "db": "VULHUB",
        "id": "VHN-132599"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-2568"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-2568",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "102606",
        "trust": 2.1
      },
      {
        "db": "SECTRACK",
        "id": "1040205",
        "trust": 1.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-001415",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-784",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-132599",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-2568",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-132599"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-2568"
      },
      {
        "db": "BID",
        "id": "102606"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-001415"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-2568"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-784"
      }
    ]
  },
  "id": "VAR-201801-1229",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-132599"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:29:01.976000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Oracle Critical Patch Update Advisory - January 2018",
        "trust": 0.8,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
      },
      {
        "title": "Text Form of Oracle Critical Patch Update - January 2018 Risk Matrices",
        "trust": 0.8,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018verbose-3236630.html"
      },
      {
        "title": "Oracle Sun Systems Products Suite Integrated Lights Out Manager Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=77962"
      },
      {
        "title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2018-2568"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-001415"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-784"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-284",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-132599"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-001415"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-2568"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.2,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
      },
      {
        "trust": 1.9,
        "url": "http://www.securityfocus.com/bid/102606"
      },
      {
        "trust": 1.8,
        "url": "http://www.securitytracker.com/id/1040205"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-2568"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-2568"
      },
      {
        "trust": 0.3,
        "url": "http://www.oracle.com/index.html"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://tools.cisco.com/security/center/viewalert.x?alertid=56479"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-132599"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-2568"
      },
      {
        "db": "BID",
        "id": "102606"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-001415"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-2568"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-784"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-132599"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-2568"
      },
      {
        "db": "BID",
        "id": "102606"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-001415"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-2568"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-784"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-01-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-132599"
      },
      {
        "date": "2018-01-18T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-2568"
      },
      {
        "date": "2018-01-16T00:00:00",
        "db": "BID",
        "id": "102606"
      },
      {
        "date": "2018-02-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-001415"
      },
      {
        "date": "2018-01-18T02:29:17.727000",
        "db": "NVD",
        "id": "CVE-2018-2568"
      },
      {
        "date": "2018-01-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201801-784"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-132599"
      },
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-2568"
      },
      {
        "date": "2018-01-16T00:00:00",
        "db": "BID",
        "id": "102606"
      },
      {
        "date": "2018-02-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-001415"
      },
      {
        "date": "2019-10-03T00:03:26.223000",
        "db": "NVD",
        "id": "CVE-2018-2568"
      },
      {
        "date": "2019-10-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201801-784"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-784"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Oracle Sun Systems Products Suite of  Integrated Lights Out Manager In  Remote Console Application Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-001415"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-784"
      }
    ],
    "trust": 0.6
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-2568 (GCVE-0-2018-2568)

CERTFR-2018-AVI-038

Solution

CERTFR-2018-AVI-038

Solution

FKIE_CVE-2018-2568

CNVD-2018-01954

GSD-2018-2568

GHSA-M4R5-CR22-679M

VAR-201801-1229

Tags

Sightings

Nomenclature