CVE-2025-53046
BaseFortify
Publication date: 2025-10-21
Last updated on: 2025-10-23
Assigner: Oracle
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| oracle | zfs_storage_appliance_kit | 8.8 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-400 | The product does not properly control the allocation and maintenance of a limited resource. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Oracle ZFS Storage Appliance Kit, specifically in the Analytics component of version 8.8. It allows a highly privileged attacker with network access via HTTP to exploit the system easily. The attacker can cause the appliance to hang or repeatedly crash, resulting in a denial of service (DoS).
How can this vulnerability impact me? :
The vulnerability can impact you by allowing an attacker with high privileges and network access to cause the Oracle ZFS Storage Appliance Kit to hang or crash repeatedly. This leads to a complete denial of service, making the storage appliance unavailable and potentially disrupting business operations.