Main Vulnerability Database Vulnerabilities #VU17058

Privilege escalation in Oracle Solaris - CVE-2019-2541

Published: January 17, 2019

Vulnerability identifier: #VU17058

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2019-2541

CWE-ID: CWE-264

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vendor: Oracle

Affected software:
Oracle Solaris

Detailed vulnerability description

The vulnerability allows an adjacent attacker to gain elevated privileges.

The weakness exists due to unspecified flaw in DHCP Client. An adjacent attacker can gain elevated privileges to conduct further attacks.

How to mitigate CVE-2019-2541

Install update from vendor's website.

Sources

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixEM

Privilege escalation in Oracle Solaris - CVE-2019-2541

Detailed vulnerability description

How to mitigate CVE-2019-2541

Sources

Please verify you're human