CVE-2025-62476
BaseFortify
Publication date: 2025-10-21
Last updated on: 2025-10-23
Assigner: Oracle
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| oracle | zfs_storage_appliance_kit | 8.8 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-400 | The product does not properly control the allocation and maintenance of a limited resource. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Oracle ZFS Storage Appliance Kit, specifically in the Remote Replication component of version 8.8. It allows a highly privileged attacker with network access via HTTP to exploit the system easily. The attacker can cause the appliance to hang or repeatedly crash, resulting in a denial of service (DoS) condition.
How can this vulnerability impact me? :
The impact of this vulnerability is a denial of service (DoS) on the Oracle ZFS Storage Appliance Kit, which means the system can become unresponsive or crash repeatedly. This can disrupt availability of the storage appliance, potentially affecting business operations that rely on it.