{"containers": {"cna": {"affected": [{"product": "Sun ZFS Storage Appliance Kit (AK) Software", "vendor": "Oracle Corporation", "versions": [{"status": "affected", "version": "AK 2013"}]}], "datePublic": "2017-04-18T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: IPC Frameworks). The supported version that is affected is AK 2013. Easily \"exploitable\" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Sun ZFS Storage Appliance Kit (AK). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Sun ZFS Storage Appliance Kit (AK). CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)."}], "problemTypes": [{"descriptions": [{"description": "Easily \"exploitable\" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Sun ZFS Storage Appliance Kit (AK). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Sun ZFS Storage Appliance Kit (AK).", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T09:57:01.000Z", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"}, {"name": "1038292", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1038292"}, {"name": "97801", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/97801"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2017-3621", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Sun ZFS Storage Appliance Kit (AK) Software", "version": {"version_data": [{"version_affected": "=", "version_value": "AK 2013"}]}}]}, "vendor_name": "Oracle Corporation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: IPC Frameworks). The supported version that is affected is AK 2013. Easily \"exploitable\" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Sun ZFS Storage Appliance Kit (AK). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Sun ZFS Storage Appliance Kit (AK). CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Easily \"exploitable\" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Sun ZFS Storage Appliance Kit (AK). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Sun ZFS Storage Appliance Kit (AK)."}]}]}, "references": {"reference_data": [{"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"}, {"name": "1038292", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038292"}, {"name": "97801", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97801"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T14:30:59.010Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"}, {"name": "1038292", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1038292"}, {"name": "97801", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/97801"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-04T16:19:41.696384Z", "id": "CVE-2017-3621", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-04T19:15:50.800Z"}}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2017-3621", "datePublished": "2017-04-24T19:00:00.000Z", "dateReserved": "2016-12-06T00:00:00.000Z", "dateUpdated": "2024-10-04T19:15:50.800Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://www.securitytracker.com/id/1038292", "name": "1038292", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"]}, {"url": "http://www.securityfocus.com/bid/97801", "name": "97801", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T14:30:59.010Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2017-3621", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-04T16:19:41.696384Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-04T16:20:13.238Z"}}], "cna": {"affected": [{"vendor": "Oracle Corporation", "product": "Sun ZFS Storage Appliance Kit (AK) Software", "versions": [{"status": "affected", "version": "AK 2013"}]}], "datePublic": "2017-04-18T00:00:00.000Z", "references": [{"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://www.securitytracker.com/id/1038292", "name": "1038292", "tags": ["vdb-entry", "x_refsource_SECTRACK"]}, {"url": "http://www.securityfocus.com/bid/97801", "name": "97801", "tags": ["vdb-entry", "x_refsource_BID"]}], "descriptions": [{"lang": "en", "value": "Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: IPC Frameworks). The supported version that is affected is AK 2013. Easily \"exploitable\" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Sun ZFS Storage Appliance Kit (AK). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Sun ZFS Storage Appliance Kit (AK). CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Easily \"exploitable\" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Sun ZFS Storage Appliance Kit (AK). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Sun ZFS Storage Appliance Kit (AK)."}]}], "providerMetadata": {"orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle", "dateUpdated": "2017-07-10T09:57:01.000Z"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "AK 2013", "version_affected": "="}]}, "product_name": "Sun ZFS Storage Appliance Kit (AK) Software"}]}, "vendor_name": "Oracle Corporation"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "refsource": "CONFIRM"}, {"url": "http://www.securitytracker.com/id/1038292", "name": "1038292", "refsource": "SECTRACK"}, {"url": "http://www.securityfocus.com/bid/97801", "name": "97801", "refsource": "BID"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: IPC Frameworks). The supported version that is affected is AK 2013. Easily \"exploitable\" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Sun ZFS Storage Appliance Kit (AK). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Sun ZFS Storage Appliance Kit (AK). CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Easily \"exploitable\" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Sun ZFS Storage Appliance Kit (AK). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Sun ZFS Storage Appliance Kit (AK)."}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2017-3621", "STATE": "PUBLIC", "ASSIGNER": "secalert_us@oracle.com"}}}}, "cveMetadata": {"cveId": "CVE-2017-3621", "state": "PUBLISHED", "dateUpdated": "2024-10-04T19:15:50.800Z", "dateReserved": "2016-12-06T00:00:00.000Z", "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "datePublished": "2017-04-24T19:00:00.000Z", "assignerShortName": "oracle"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:ak_2013:*:*:*:*:*:*:*", "matchCriteriaId": "D9B7B268-6120-4030-9EC6-39608F403352", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: IPC Frameworks). The supported version that is affected is AK 2013. Easily \"exploitable\" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Sun ZFS Storage Appliance Kit (AK). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Sun ZFS Storage Appliance Kit (AK). CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)."}, {"lang": "es", "value": "La versi\u00f3n afectada es la AK 2013. La vulnerabilidad f\u00e1cilmente explotable permite a un atacante no autenticado con acceso a la red a trav\u00e9s de m\u00faltiples protocolos comprometer Sun ZFS Storage Appliance Kit (AK). Los ataques exitosos de esta vulnerabilidad pueden resultar en la capacidad no autorizada para causar un bloqueo o ca\u00edda abrupta del servicio repetible (DoS completo) del Sun ZFS Storage Appliance Kit (AK). CVSS 3.0 Base Score 7.5 (Impacto en la disponibilidad). Vector CVSS: (CVSS: 3.0 / AV: N / AC: L / PR: N / UI: N / S: U / C: N / I: N / A: H)."}], "id": "CVE-2017-3621", "lastModified": "2026-05-13T00:24:29.033", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-04-24T19:59:06.737", "references": [{"source": "secalert_us@oracle.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/97801"}, {"source": "secalert_us@oracle.com", "url": "http://www.securitytracker.com/id/1038292"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/97801"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1038292"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}