CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-3632

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: CDE Calendar). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via TCP to compromise Solaris. Successful attacks of this vulnerability can result in takeover of Solaris. Note: CVE-2017-3632 is assigned to the "EASYSTREET" vulnerability. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.103

EPSS Ranking 92.4%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
http://www.securityfocus.com/bid/99857
http://www.securitytracker.com/id/1038938
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
http://www.securityfocus.com/bid/99857
http://www.securitytracker.com/id/1038938

Products affected by CVE-2017-3632

Oracle » Solaris » Version: 10

cpe:2.3:o:oracle:solaris:10
Oracle » Solaris » Version: 11

cpe:2.3:o:oracle:solaris:11

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-3632

Products

Pricing

Contact Us