CVE-2025-62479
BaseFortify
Publication date: 2025-10-21
Last updated on: 2025-10-23
Assigner: Oracle
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| oracle | zfs_storage_appliance_kit | 8.8 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-267 | A particular privilege, role, capability, or right can be used to perform unsafe actions that were not intended, even when it is assigned to the correct entity. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Oracle ZFS Storage Appliance Kit, specifically in the Block Storage component of version 8.8. It allows a highly privileged attacker with network access via HTTP to exploit the system easily. The exploitation can lead to a partial denial of service (partial DOS) affecting the availability of the Oracle ZFS Storage Appliance Kit.
How can this vulnerability impact me? :
The impact of this vulnerability is a partial denial of service (partial DOS) on the Oracle ZFS Storage Appliance Kit, which means that the availability of the storage appliance can be disrupted, potentially affecting system operations that rely on it.