CVE-2010-0271

medium

Description

hald in Sun OpenSolaris snv_51 through snv_130 does not have the proc_audit privilege during unspecified attempts to write to the auditing log, which makes it easier for physically proximate attackers to avoid detection of changes to the set of connected hardware devices supporting the Hardware Abstraction Layer (HAL) specification.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/55461

http://www.vupen.com/english/advisories/2010/0076

http://www.securitytracker.com/id?1023416

http://www.securityfocus.com/bid/37656

http://sunsolve.sun.com/search/document.do?assetkey=1-66-274830-1

Details

Source: Mitre, NVD

Published: 2010-01-08

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Medium

EPSS

EPSS: 0.00081