CVE-2011-2288 - OpenCVE

Unspecified vulnerability in Sun Integrated Lights Out Manager (ILOM) in SysFW 8.1.0.a and earlier for various Oracle SPARC T3, SPARC Netra T3, Sun Blade, and Sun Fire servers allows remote attackers to affect confidentiality, integrity, and availability, related to ILOM.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Oracle	Sparc T3-1 Sparc T3-4 Sparc T3-2 Netra Sparc T3-1 Sparc T3-1b Sysfw Netra Sparc T3-1b

Configuration 1 [-]

OR	cpe:2.3:a:oracle:sysfw::::::::
	cpe:2.3:a:oracle:sysfw:6.0:::::::*
	cpe:2.3:a:oracle:sysfw:6.1:::::::*
	cpe:2.3:a:oracle:sysfw:6.2:::::::*
	cpe:2.3:a:oracle:sysfw:6.3:::::::*
	cpe:2.3:a:oracle:sysfw:6.4:::::::*
	cpe:2.3:a:oracle:sysfw:6.5:::::::*
	cpe:2.3:a:oracle:sysfw:6.6:::::::*
	cpe:2.3:a:oracle:sysfw:6.7:::::::*
	cpe:2.3:a:oracle:sysfw:7.0:::::::*
	cpe:2.3:a:oracle:sysfw:7.1:::::::*
	cpe:2.3:a:oracle:sysfw:7.2:::::::*
	cpe:2.3:a:oracle:sysfw:7.3:::::::*
	cpe:2.3:a:oracle:sysfw:7.4:::::::*
	cpe:2.3:a:oracle:sysfw:8.0:::::::*
	cpe:2.3:a:oracle:sysfw:8.0.3:b::::::
	cpe:2.3:a:oracle:sysfw:8.1:::::::*
	cpe:2.3:h:oracle:netra_sparc_t3-1:-:::::::*
	cpe:2.3:h:oracle:netra_sparc_t3-1b:-:::::::*
	cpe:2.3:h:oracle:sparc_t3-1:-:::::::*
	cpe:2.3:h:oracle:sparc_t3-1b:-:::::::*
	cpe:2.3:h:oracle:sparc_t3-2:-:::::::*
	cpe:2.3:h:oracle:sparc_t3-4:-:::::::*

References

Link	Resource
http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html	Patch Vendor Advisory
http://www.us-cert.gov/cas/techalerts/TA11-201A.html	US Government Resource

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: oracle

Published: 2011-07-21T00:00:00

Updated: 2011-10-05T09:00:00

Reserved: 2011-06-02T00:00:00

Link: CVE-2011-2288

JSON object: View

NVD Information

Status : Modified

Published: 2011-07-21T00:55:01.897

Modified: 2011-10-05T02:54:55.333

Link: CVE-2011-2288

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-07-19T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Sun Integrated Lights Out Manager (ILOM) in SysFW 8.1.0.a and earlier for various Oracle SPARC T3, SPARC Netra T3, Sun Blade, and Sun Fire servers allows remote attackers to affect confidentiality, integrity, and availability, related to ILOM."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2011-10-05T09:00:00", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"name": "TA11-201A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA11-201A.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2011-2288", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in Sun Integrated Lights Out Manager (ILOM) in SysFW 8.1.0.a and earlier for various Oracle SPARC T3, SPARC Netra T3, Sun Blade, and Sun Fire servers allows remote attackers to affect confidentiality, integrity, and availability, related to ILOM."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "TA11-201A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA11-201A.html"}, {"name": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html"}]}}}}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2011-2288", "datePublished": "2011-07-21T00:00:00", "dateReserved": "2011-06-02T00:00:00", "dateUpdated": "2011-10-05T09:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:sysfw:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C66DAE1-F8F4-4120-BDB1-657FAB03FFA5", "versionEndIncluding": "8.1.0.a", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:sysfw:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "B131F02A-5BD4-48D7-81FD-2485805D8483", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:sysfw:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "4F6D5BDE-C140-400A-9998-F46ECF82F85B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:sysfw:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "18534091-F467-4290-8F18-28152F07C9EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:sysfw:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "5188BCD2-ACD2-4829-8FD2-6757A8308010", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:sysfw:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "A597C28E-ED86-455B-9DEA-EB53238FA03A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:sysfw:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "D46DED05-A4EE-4CC0-B604-4003BA2CBE57", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:sysfw:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "A9C2851C-6DEE-425D-B6E4-B1F39C32977A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:sysfw:6.7:*:*:*:*:*:*:*", "matchCriteriaId": "A8EF6C36-1B34-4BBE-B593-1F5F497B72D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:sysfw:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "5BC5CCBC-7D2D-49A5-86FB-1AFEE3764179", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:sysfw:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "53BDF8D3-4563-4F6E-9F58-BD0317846771", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:sysfw:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "A3E9D531-8D93-456A-BEFC-FB3A9F7267CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:sysfw:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "49ABEC3F-ECE5-4E9D-B348-86F11DBD073D", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:sysfw:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "EBE533AD-1309-43D2-B9A3-978FD26BC835", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:sysfw:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C574BB15-9432-4455-AB00-72783DE75CFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:sysfw:8.0.3:b:*:*:*:*:*:*", "matchCriteriaId": "5A0E6AD0-4E73-4B22-8AC6-D47C36BCC3A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:sysfw:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "337ACF52-AB10-4892-890C-909F9374F914", "vulnerable": true}, {"criteria": "cpe:2.3:h:oracle:netra_sparc_t3-1:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B04C334-C863-47C0-A180-26254ACB1065", "vulnerable": true}, {"criteria": "cpe:2.3:h:oracle:netra_sparc_t3-1b:-:*:*:*:*:*:*:*", "matchCriteriaId": "26BC7F09-2F19-4692-BF40-239BF3B007F9", "vulnerable": true}, {"criteria": "cpe:2.3:h:oracle:sparc_t3-1:-:*:*:*:*:*:*:*", "matchCriteriaId": "92144B15-6A30-4451-9CB8-3E94E2550F4D", "vulnerable": true}, {"criteria": "cpe:2.3:h:oracle:sparc_t3-1b:-:*:*:*:*:*:*:*", "matchCriteriaId": "EF19DEF8-E1BC-48BD-9852-071F57D31B07", "vulnerable": true}, {"criteria": "cpe:2.3:h:oracle:sparc_t3-2:-:*:*:*:*:*:*:*", "matchCriteriaId": "E21A92F3-00AF-4650-8219-812C71EE3B2C", "vulnerable": true}, {"criteria": "cpe:2.3:h:oracle:sparc_t3-4:-:*:*:*:*:*:*:*", "matchCriteriaId": "E4164246-50E7-46E5-BCB9-1CE4913361E4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Sun Integrated Lights Out Manager (ILOM) in SysFW 8.1.0.a and earlier for various Oracle SPARC T3, SPARC Netra T3, Sun Blade, and Sun Fire servers allows remote attackers to affect confidentiality, integrity, and availability, related to ILOM."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Sun Integrated Lights Out Manager (ILOM) en SysFW v8.1.0.a y anteriores para varios Oracle SPARC T3, SPARC Netra T3, Sun Blade, y los servidores Sun Fire permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad, relacionados con ILOM."}], "id": "CVE-2011-2288", "lastModified": "2011-10-05T02:54:55.333", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-07-21T00:55:01.897", "references": [{"source": "secalert_us@oracle.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html"}, {"source": "secalert_us@oracle.com", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA11-201A.html"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}