Vulnerabilities > CVE-2019-2804 - Unspecified vulnerability in Oracle Solaris 10.0/11.4
Attack vector
LOCAL Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: Filesystem). Supported versions that are affected are 11.4 and 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H).
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 | |
| OS | 1 |
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS_JUL2019_SRU11_4_8_5_0.NASL description This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Oracle Solaris product of Oracle Sun Systems Products Suite (component: Filesystem). Supported versions that are affected are 11.4 and 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. (CVE-2019-2804) - Vulnerability in the Oracle Solaris product of Oracle Sun Systems Products Suite (component: Kernel). Supported versions that are affected are 11.4 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via IPv6 to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Solaris accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. (CVE-2019-5597) last seen 2020-06-01 modified 2020-06-02 plugin id 126768 published 2019-07-17 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/126768 title Oracle Solaris Critical Patch Update : jul2019_SRU11_4_8_5_0 NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_153057-01.NASL description Vulnerability in the Oracle Solaris product of Oracle Sun Systems Products Suite (component: Filesystem). Supported versions that are affected are 11.4 and 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. last seen 2020-06-01 modified 2020-06-02 plugin id 126734 published 2019-07-16 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/126734 title Solaris 10 (x86) : 153057-01 NASL family Solaris Local Security Checks NASL id SOLARIS10_153056-01.NASL description Vulnerability in the Oracle Solaris product of Oracle Sun Systems Products Suite (component: Filesystem). Supported versions that are affected are 11.4 and 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. last seen 2020-06-01 modified 2020-06-02 plugin id 126724 published 2019-07-16 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/126724 title Solaris 10 (sparc) : 153056-01