The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. Note: This CVE is not exploitable for Solaris 11.1 and later releases, and ZFSSA 8.7 and later releases, thus the CVSS Base Score is 0.0. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
Base Score: 10
Impact Score: 10
Exploitability Score: 10
Base Score: 10
Impact Score: 6
Exploitability Score: 3.9
|142712||Oracle Solaris PAM parse_user_name() buffer overflow (CVE-2020-14871)||Nessus||Misc.|
|141773||Oracle Solaris Critical Patch Update : oct2020_SRU11_4_24_75_2||Nessus||Solaris Local Security Checks|
|141772||Oracle Solaris Critical Patch Update : oct2020_SRU11_3_36_23_0||Nessus||Solaris Local Security Checks|
|141557||Solaris 10 (sparc) : 153074-01||Nessus||Solaris Local Security Checks|
|141553||Solaris 10 (x86) : 153075-01||Nessus||Solaris Local Security Checks|