How severe is CVE-2025-21551?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6 out of 10.

What type of vulnerability is CVE-2025-21551?

This is classified as CWE-732, which is a common weakness in software security.

CVE-2025-21551 - MEDIUM Severity | CVSS 6

Vulnerability Description

Vulnerability in the Oracle Solaris product of Oracle Systems (component: File system). The supported version that is affected is 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Solaris accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 6.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H).

Related Vulnerabilities

CVE-2024-41820

MEDIUM

CVSS:6.0(Medium)

Kubean is a cluster lifecycle management toolchain based on kubespray and other cluster LCM engine. The ClusterRole has `*` verbs of `*` resources. If a malicious user can access the worker node which...

CWE-7322024

CVE-2025-46802

MEDIUM

CVSS:6.0(Medium)

For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session.

CWE-7322025

CVE-2014-10401

MEDIUM

CVSS:6.1(Medium)

An issue was discovered in the DBI module before 1.632 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute.

CWE-7322014

CVE-2014-10402

MEDIUM

CVSS:6.1(Medium)

An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DS...

CWE-7322014

CVE-2017-8449

MEDIUM

CVSS:5.9(Medium)

X-Pack Security 5.2.x would allow access to more fields than the user should have seen if the field level security rules used a mix of grant and exclude rules when merging multiple rules with field le...

CWE-7322017

CVE-2019-19341

MEDIUM

CVSS:5.9(Medium)

A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2, where files in '/var/backup/tower' are left world-readable. These files include both the SECRET_KEY and the database backup. Any user wi...

CWE-7322019