cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-21155,https://securityvulnerability.io/vulnerability/CVE-2024-21155,Exploitable Vulnerability in Oracle ZFS Storage Appliance Kit User Interface,"An unauthenticated network-accessible vulnerability exists in the User Interface of the Oracle ZFS Storage Appliance Kit, allowing an attacker to exploit it through HTTP. Although the attack requires human interaction, the implications of a successful exploit may lead to unauthorized read access to sensitive data within the affected product. Additionally, attacks may extend to other products, highlighting a significant risk to broader system integrity.",Oracle,Sun Zfs Storage Appliance Kit (ak) Software,4.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-16T23:15:00.000Z,0
CVE-2023-21833,https://securityvulnerability.io/vulnerability/CVE-2023-21833,Oracle ZFS Storage Appliance Kit Vulnerability Allows Low Privileged Attackers to Compromise Data,"A vulnerability has been identified in the Object Store component of the Oracle ZFS Storage Appliance Kit. This flaw allows a low privileged attacker with network access via HTTP to exploit the system. Successful exploitation can lead to unauthorized read access to sensitive data within the Oracle ZFS Storage Appliance Kit, compromising data confidentiality. It is essential for users to assess their security measures to mitigate the potential risks associated with this vulnerability.",Oracle,Sun Zfs Storage Appliance Kit (ak) Software,4.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-17T02:15:00.000Z,0
CVE-2024-20959,https://securityvulnerability.io/vulnerability/CVE-2024-20959,Unauthorized Access Vulnerability in Oracle ZFS Storage Appliance Kit by Oracle Systems,"An exploitable vulnerability in the Oracle ZFS Storage Appliance Kit enables a high privileged attacker with logon credentials to the infrastructure to execute unauthorized commands. This can lead to severe disruptions, such as causing the appliance to hang or crash repeatedly, resulting in a denial-of-service condition. The vulnerability affects supported versions, particularly 8.8, allowing attackers to manipulate system availability without detection.",Oracle,Sun ZFS Storage Appliance Kit (AK) Software,4.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-01-16T21:41:21.596Z,0
CVE-2024-20914,https://securityvulnerability.io/vulnerability/CVE-2024-20914,Unauthorized Data Access Vulnerability in Oracle ZFS Storage Appliance Kit,"A notable vulnerability exists within Oracle ZFS Storage Appliance Kit that allows an authenticated attacker to exploit the system to gain unauthorized read access to specific data. This vulnerability can be easily exploited by attackers with high privileges who have logged into the infrastructure where the Oracle ZFS Storage Appliance Kit is operational. Effective mitigation is essential to prevent unwanted data exposure. For more details, refer to Oracle's advisory.",Oracle,Sun ZFS Storage Appliance Kit (AK) Software,2.3,LOW,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-01-16T21:41:14.356Z,0
CVE-2023-22130,https://securityvulnerability.io/vulnerability/CVE-2023-22130,Denial of Service Vulnerability in Sun ZFS Storage Appliance by Oracle,"A vulnerability exists in the Sun ZFS Storage Appliance by Oracle that allows an unauthenticated attacker with network access via HTTP to exploit the system. This vulnerability can lead to the unauthorized ability to cause a hang or frequent crashes of the appliance, resulting in a denial of service. Users of the affected version 8.8.60 should apply necessary patches to mitigate exposure to this issue.",Oracle,Sun Zfs Storage Appliance Kit (ak) Software,5.9,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2023-10-17T22:15:00.000Z,0
CVE-2022-21563,https://securityvulnerability.io/vulnerability/CVE-2022-21563,Vulnerability in Oracle ZFS Storage Appliance Kit by Oracle Systems,"This vulnerability allows an attacker with high privileges who has logged into the infrastructure where the Oracle ZFS Storage Appliance Kit operates to compromise the appliance. Such exploitation can lead to unauthorized updates, insertions, or deletions of critical data, as well as the potential to partially disrupt the service of the appliance. The risk stems from insufficient protection mechanisms within the system, which can be targeted, thus exposing sensitive data to unauthorized manipulation and creating vulnerabilities within the service availability.",Oracle,Sun Zfs Storage Appliance Kit (ak) Software,3.4,LOW,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-07-19T21:08:05.000Z,0
CVE-2022-21513,https://securityvulnerability.io/vulnerability/CVE-2022-21513,Privilege Escalation Vulnerability in Oracle ZFS Storage Appliance Kit,"A vulnerability exists in the Oracle ZFS Storage Appliance Kit that allows a high-privileged attacker who has logged into the infrastructure to compromise the system. This vulnerability may lead to unauthorized access and control over the appliance, potentially impacting its confidentiality, integrity, and availability. Given its exploitation potential, organizations utilizing this product are strongly recommended to apply security patches and continuously monitor their environments for unauthorized activities.",Oracle,Sun Zfs Storage Appliance Kit (ak) Software,8.2,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-07-19T21:06:48.000Z,0
CVE-2021-2149,https://securityvulnerability.io/vulnerability/CVE-2021-2149,Unauthorized Access Vulnerability in Oracle ZFS Storage Appliance Kit by Oracle Systems,"A vulnerability exists in the Oracle ZFS Storage Appliance Kit that enables low privileged users with a valid logon to exploit the system. This vulnerability allows these users to gain unauthorized access, potentially leading to insertion, update, or deletion of data within the appliance. Although the risk level is manageable, organizations using affected versions should prioritize patching to secure their data integrity and prevent unauthorized data manipulations.",Oracle,Sun Zfs Storage Appliance Kit (ak) Software,2.5,LOW,0.000910000002477318,false,,false,false,false,,,false,false,,2021-04-22T21:53:45.000Z,0
CVE-2021-2147,https://securityvulnerability.io/vulnerability/CVE-2021-2147,Vulnerability in Oracle ZFS Storage Appliance Kit by Oracle Systems,"This vulnerability affects the Oracle ZFS Storage Appliance Kit, allowing an attacker with high privileges and access to the infrastructure to potentially compromise the appliance. Exploitation requires human interaction from another party, making it complex but not impossible. An attacker could gain unauthorized capabilities to update, insert, or delete data accessible through Oracle ZFS Storage Appliance Kit, leading to integrity impacts. This highlights the importance of securing access controls and monitoring user interactions within the system.",Oracle,Sun Zfs Storage Appliance Kit (ak) Software,1.8,LOW,0.0004900000058114529,false,,false,false,false,,,false,false,,2021-04-22T21:53:45.000Z,0
CVE-2021-1999,https://securityvulnerability.io/vulnerability/CVE-2021-1999,Vulnerability in Oracle ZFS Storage Appliance Kit by Oracle Systems,"A vulnerability has been identified in the Oracle ZFS Storage Appliance Kit associated with the RAS subsystems. This vulnerability allows an attacker with high privileges, who has logged onto the infrastructure where the appliance runs, to potentially compromise the system. Successful exploitation requires human interaction from another individual, making the attack vector particularly intricate. While the core vulnerability lies within the Oracle ZFS Storage Appliance Kit, the ramifications of an attack could extend to other connected products, leading to unauthorized creation, deletion, or modification of critical data accessible by the appliance.",Oracle,Sun Zfs Storage Appliance Kit (ak) Software,5,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2021-01-20T14:50:00.000Z,0
CVE-2019-2878,https://securityvulnerability.io/vulnerability/CVE-2019-2878,Vulnerability in Oracle Sun ZFS Storage Appliance Kit Affects Oracle Sun Systems Products Suite,"A vulnerability in the Oracle Sun ZFS Storage Appliance Kit allows unauthenticated network access via HTTP, enabling attackers to potentially compromise system data. Although successful exploitation requires user interaction, it can result in unauthorized operations, including updates, inserts, or deletions of accessible data. Moreover, attackers may gain unauthorized read access to specific data, significantly impacting the security of affected systems and potentially other associated products.",Oracle,Sun Zfs Storage Appliance Kit (ak) Software,6.1,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2019-2412,https://securityvulnerability.io/vulnerability/CVE-2019-2412,,"Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Object Store). The supported version that is affected is prior to 8.8.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Sun ZFS Storage Appliance Kit (AK) executes to compromise Sun ZFS Storage Appliance Kit (AK). Successful attacks of this vulnerability can result in takeover of Sun ZFS Storage Appliance Kit (AK). CVSS 3.0 Base Score 6.4 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).",Oracle,Sun Zfs Storage Appliance Kit (ak) Software,6.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2019-01-16T19:00:00.000Z,0
CVE-2018-2927,https://securityvulnerability.io/vulnerability/CVE-2018-2927,,Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: HTTP data path subsystems). The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Sun ZFS Storage Appliance Kit (AK). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Sun ZFS Storage Appliance Kit (AK) accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).,Oracle,Sun Zfs Storage Appliance Kit (ak) Software,4.3,MEDIUM,0.0005799999926239252,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-2937,https://securityvulnerability.io/vulnerability/CVE-2018-2937,,"Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: User Interface). The supported version that is affected is Prior to 8.7.19. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance Kit (AK). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Sun ZFS Storage Appliance Kit (AK) accessible data. CVSS 3.0 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",Oracle,Sun Zfs Storage Appliance Kit (ak) Software,5.3,MEDIUM,0.0014400000218302011,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-3057,https://securityvulnerability.io/vulnerability/CVE-2018-3057,,"Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: API frameworks). The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Sun ZFS Storage Appliance Kit (AK) executes to compromise Sun ZFS Storage Appliance Kit (AK). While the vulnerability is in Sun ZFS Storage Appliance Kit (AK), attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Sun ZFS Storage Appliance Kit (AK). CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).",Oracle,Sun Zfs Storage Appliance Kit (ak) Software,8.2,HIGH,0.0006699999794363976,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-2924,https://securityvulnerability.io/vulnerability/CVE-2018-2924,,"Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: API frameworks). The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Sun ZFS Storage Appliance Kit (AK) executes to compromise Sun ZFS Storage Appliance Kit (AK). While the vulnerability is in Sun ZFS Storage Appliance Kit (AK), attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Sun ZFS Storage Appliance Kit (AK) accessible data as well as unauthorized read access to a subset of Sun ZFS Storage Appliance Kit (AK) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Sun ZFS Storage Appliance Kit (AK). CVSS 3.0 Base Score 5.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L).",Oracle,Sun Zfs Storage Appliance Kit (ak) Software,5.7,MEDIUM,0.0006900000153109431,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-2923,https://securityvulnerability.io/vulnerability/CVE-2018-2923,,Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Core Services). The supported version that is affected is Prior to 8.7.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Sun ZFS Storage Appliance Kit (AK) executes to compromise Sun ZFS Storage Appliance Kit (AK). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Sun ZFS Storage Appliance Kit (AK) accessible data. CVSS 3.0 Base Score 2.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).,Oracle,Sun Zfs Storage Appliance Kit (ak) Software,2.3,LOW,0.000750000006519258,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-2921,https://securityvulnerability.io/vulnerability/CVE-2018-2921,,"Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: User Interface). The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance Kit (AK). While the vulnerability is in Sun ZFS Storage Appliance Kit (AK), attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Sun ZFS Storage Appliance Kit (AK) accessible data. CVSS 3.0 Base Score 5.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N).",Oracle,Sun Zfs Storage Appliance Kit (ak) Software,5.8,MEDIUM,0.001129999989643693,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-2918,https://securityvulnerability.io/vulnerability/CVE-2018-2918,,"Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: API frameworks). The supported version that is affected is Prior to 8.7.18. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Sun ZFS Storage Appliance Kit (AK). Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Sun ZFS Storage Appliance Kit (AK). CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).",Oracle,Sun Zfs Storage Appliance Kit (ak) Software,7.5,HIGH,0.0015300000086426735,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-2920,https://securityvulnerability.io/vulnerability/CVE-2018-2920,,"Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: API frameworks). The supported version that is affected is Prior to 8.7.19. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Sun ZFS Storage Appliance Kit (AK). While the vulnerability is in Sun ZFS Storage Appliance Kit (AK), attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Sun ZFS Storage Appliance Kit (AK) accessible data as well as unauthorized read access to a subset of Sun ZFS Storage Appliance Kit (AK) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Sun ZFS Storage Appliance Kit (AK). CVSS 3.0 Base Score 7.4 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L).",Oracle,Sun Zfs Storage Appliance Kit (ak) Software,7.4,HIGH,0.0007300000288523734,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-2917,https://securityvulnerability.io/vulnerability/CVE-2018-2917,,Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: API frameworks). The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Sun ZFS Storage Appliance Kit (AK). Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Sun ZFS Storage Appliance Kit (AK). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).,Oracle,Sun Zfs Storage Appliance Kit (ak) Software,5.3,MEDIUM,0.0013299999991431832,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-2916,https://securityvulnerability.io/vulnerability/CVE-2018-2916,,Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: API frameworks). The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise Sun ZFS Storage Appliance Kit (AK). Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Sun ZFS Storage Appliance Kit (AK). CVSS 3.0 Base Score 2.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L).,Oracle,Sun Zfs Storage Appliance Kit (ak) Software,2.7,LOW,0.0006799999973736703,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-2905,https://securityvulnerability.io/vulnerability/CVE-2018-2905,,Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Core Services). The supported version that is affected is Prior to 8.7.20. Easily exploitable vulnerability allows unauthenticated attacker with network access via SSL/TLS to compromise Sun ZFS Storage Appliance Kit (AK). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Sun ZFS Storage Appliance Kit (AK) accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).,Oracle,Sun Zfs Storage Appliance Kit (ak) Software,5.3,MEDIUM,0.001129999989643693,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-2858,https://securityvulnerability.io/vulnerability/CVE-2018-2858,,Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: HTTP data path subsystems). The supported version that is affected is Prior to 8.7.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance Kit (AK). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Sun ZFS Storage Appliance Kit (AK) accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).,Oracle,Sun Zfs Storage Appliance Kit (ak) Software,5.3,MEDIUM,0.0013099999632686377,false,,false,false,false,,,false,false,,2018-04-19T02:00:00.000Z,0
CVE-2018-2863,https://securityvulnerability.io/vulnerability/CVE-2018-2863,,"Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: API frameworks). The supported version that is affected is Prior to 8.7.17. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Sun ZFS Storage Appliance Kit (AK). While the vulnerability is in Sun ZFS Storage Appliance Kit (AK), attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Sun ZFS Storage Appliance Kit (AK) accessible data. CVSS 3.0 Base Score 5.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N).",Oracle,Sun Zfs Storage Appliance Kit (ak) Software,5,MEDIUM,0.0007200000109151006,false,,false,false,false,,,false,false,,2018-04-19T02:00:00.000Z,0