CVE-2007-6360 : Unspecified vulnerability in the Sun eXtended System Control Facility (XSCF) Control Package (XCP) firmware before 1050

Unspecified vulnerability in the Sun eXtended System Control Facility (XSCF) Control Package (XCP) firmware before 1050 on SPARC Enterprise M4000, M5000, M8000, and M9000 servers allows remote attackers to cause a denial of service (reboot) via (1) telnet, (2) ssh, or (3) http network traffic that triggers memory exhaustion.

Published 2007-12-15 01:46:00

Updated 2017-08-08 01:29:07

Source MITRE

View at NVD, CVE.org

Vulnerability category: Denial of service

Exploit prediction scoring system (EPSS) score for CVE-2007-6360

Probability of exploitation activity in the next 30 days: 6.17%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 93 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2007-6360

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.8	HIGH	AV:N/AC:L/Au:N/C:N/I:N/A:C	10.0	6.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete

References for CVE-2007-6360

Products affected by CVE-2007-6360

SUN » Extended System Control Facility Xcp 1040 » Firmware Edition
cpe:2.3:h:sun:extended_system_control_facility_xcp_1040:*:*:firmware:*:*:*:*:*
Matching versions
When used together with: SUN » Sparc Enterprise Server » Version: M4000
When used together with: SUN » Sparc Enterprise Server » Version: M5000
When used together with: SUN » Sparc Enterprise Server » Version: M8000
When used together with: SUN » Sparc Enterprise Server » Version: M9000

Vulnerability Details : CVE-2007-6360

Exploit prediction scoring system (EPSS) score for CVE-2007-6360

CVSS scores for CVE-2007-6360

References for CVE-2007-6360

Products affected by CVE-2007-6360