Lucene search

[email protected]NVD:CVE-2024-20914

HistoryJan 16, 2024 - 10:15 p.m.

CVE-2024-20914

2024-01-1622:15:39

[email protected]

web.nvd.nist.gov

oracle zfs storage appliance

vulnerability

unauthorized access

oracle systems

cvss 3.1

CVSS3

2.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

AI Score

2.4

Confidence

High

EPSS

Percentile

9.8%

JSON

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle ZFS Storage Appliance Kit executes to compromise Oracle ZFS Storage Appliance Kit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle ZFS Storage Appliance Kit accessible data. CVSS 3.1 Base Score 2.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).

Affected configurations

Nvd

Node

oraclezfs_storage_appliance_kitMatch8.8

VendorProductVersionCPE
oraclezfs_storage_appliance_kit8.8cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
oracle	zfs_storage_appliance_kit	8.8	cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:::::::*

References

www.oracle.com/security-alerts/cpujan2024.html

CVSS3

2.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

AI Score

2.4

Confidence

High

EPSS

Percentile

9.8%

JSON

Related for NVD:CVE-2024-20914

cvelist1 cve1 prion1 oracle1