CyberSec.Space Logo
Back to CVE Browser

CVE-2020-14871

Known Exploited (CISA KEV)CRITICAL
10.0
CVSS Severity Score
EPSS Score26.1130%
EPSS Percentile92.42th
PublishedOct 21, 2020
Last ModifiedOct 27, 2025

Vulnerability Description

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. Note: This CVE is not exploitable for Solaris 11.1 and later releases, and ZFSSA 8.7 and later releases, thus the CVSS Base Score is 0.0. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).

Affected Platforms (CPE)

πŸ’»
Oracle

Solaris

>= 10 and < 11.1
πŸ’»
Oracle

Solaris

= 9

References & Advisories

πŸ”— http://packetstormsecurity.com/files/159961/SunSSH-Solaris-10-x86-Remote-Root.html
πŸ”— http://packetstormsecurity.com/files/160510/Solaris-SunSSH-11.0-x86-libpam-Remote-Root.html
πŸ”— http://packetstormsecurity.com/files/160609/Oracle-Solaris-SunSSH-PAM-parse_user_name-Buffer-Overflow.html
πŸ”— http://packetstormsecurity.com/files/163232/Solaris-SunSSH-11.0-Remote-Root.html
πŸ”— http://www.openwall.com/lists/oss-security/2021/03/03/1
πŸ”— http://www.openwall.com/lists/oss-security/2024/07/03/3
πŸ”— https://www.oracle.com/security-alerts/cpuoct2020.html
πŸ”— http://packetstormsecurity.com/files/159961/SunSSH-Solaris-10-x86-Remote-Root.html

Related Vulnerabilities

CVE-1999-010110.0

Buffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names.

CVE-1999-097410.0

Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service.

CVE-1999-097310.0

Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is runn...

CVE-2000-003210.0

Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var/dmi/db database.