How severe is CVE-2018-2623?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.3 out of 10.

What type of vulnerability is CVE-2018-2623?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2018-2623

CRITICAL Year: 2018

CVSS v3 Score

9.3

Critical

CVSS v2 Score

5.0

Medium

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: User Interface). The supported version that is affected is Prior to 8.7.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance Kit (AK). While the vulnerability is in Sun ZFS Storage Appliance Kit (AK), attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Sun ZFS Storage Appliance Kit (AK) accessible data as well as unauthorized update, insert or delete access to some of Sun ZFS Storage Appliance Kit (AK) accessible data. CVSS 3.0 Base Score 9.3 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N).

CVE-2018-11284

CRITICAL

CVSS:9.3(Critical)

Spoofed SMS can be used to send a large number of messages to the device which will in turn initiate a flood of registration updates with the server in snapdragon mobile and snapdragon wear in version...

NVD-CWE-Other2018

CVE-2018-2739

CRITICAL

CVSS:9.3(Critical)

Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). Supported versions that are affected are 10.1.4.3.0, 11.1.2.3.0 and 12.2.1.3.0. Easi...

NVD-CWE-Other2018

CVE-2019-20606

CRITICAL

CVSS:9.3(Critical)

An issue was discovered on Samsung mobile devices with any (before May 2019) software. A phishing attack against OMACP can change the network and internet settings. The Samsung ID is SVE-2019-14073 (M...

NVD-CWE-Other2019

CVE-2019-2702

CRITICAL

CVSS:9.3(Critical)

Vulnerability in the Oracle Hospitality Cruise Dining Room Management component of Oracle Hospitality Applications (subcomponent: Web Service). The supported version that is affected is 8.0.80. Easily...

NVD-CWE-Other2019

CVE-2019-3020

CRITICAL

CVSS:9.3(Critical)

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: Web Access). Supported versions that are affected are 15.1.0-15.2.1...

NVD-CWE-Other2019

CVE-2019-9812

CRITICAL

CVSS:9.3(Critical)

Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious...

NVD-CWE-Other2019

CVE-2018-2623

Vulnerability Description

Related Vulnerabilities

CVE-2018-11284

CVE-2018-2739

CVE-2019-20606

CVE-2019-2702

CVE-2019-3020

CVE-2019-9812