CVE-2018-3266: Oracle Solaris Verified Boot vuln

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Verified Boot). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Solaris accessible data as well as unauthorized read access to a subset of Solaris accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Solaris.

https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

https://nvd.nist.gov/vuln/detail/CVE-2018-3266

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3266

Current Exploit Price (≈) 3.9 $5k-$25k

https://vuldb.com/?id.125643

 

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s