CVE-2018-2930

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). Supported versions that are affected are 3.3 and 4.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via RPC to compromise Solaris Cluster. Successful attacks of this vulnerability can result in takeover of Solaris Cluster. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Published: Jul 18, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-2930
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
oracle / solaris_cluster	3.3	3.3.x
oracle / solaris_cluster	4.3	4.3.x

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.securityfocus.com/bid/104777
http://www.securitytracker.com/id/1041303

Vulnerability Database

289,599

CVE-2018-2930