CVE-2023-21833

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Feb 17, 2024

Updated: Feb 20, 2024

Summary

CVE-2023-21833 is a vulnerability affecting Oracle ZFS Storage Appliance Kit, specifically version 8.8 (Oracle Systems component: Object Store). This issue allows a low-privileged attacker with network access via HTTP to compromise the Oracle ZFS Storage Appliance Kit. Successfully exploited vulnerabilities could result in unauthorized read access to a subset of the accessible data. The Base Score of this vulnerability, according to the Common Vulnerability Scoring System v3.1, is 4.3, with impacts on confidentiality. The attack vector is classified as Network (AV:N), the attack complexity as Low (AC:L), the privileges required as Low (PR:L), the attack interface as None (UI:N), the scope of impact as Unchanged (S:U), the confidentiality impacts as Low (C:L), and the integrity and availability impacts as None (I:N, A:N).

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database