Main Vulnerability Database Vulnerabilities #VU17058

#VU17058 Privilege escalation in Oracle Solaris - CVE-2019-2541

Published: January 17, 2019

Vulnerability identifier: #VU17058

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2019-2541

CWE-ID: CWE-264

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vulnerable software:
Oracle Solaris

Software vendor:
Oracle

Description

The vulnerability allows an adjacent attacker to gain elevated privileges.

The weakness exists due to unspecified flaw in DHCP Client. An adjacent attacker can gain elevated privileges to conduct further attacks.

Remediation

Install update from vendor's website.

External links

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixEM

#VU17058 Privilege escalation in Oracle Solaris - CVE-2019-2541

Description

Remediation

External links

Please verify you're human