CVE-2025-62290
📊 7.2 HIGH⚡ 0.1%🎯 0 exploits
📅 Published Oct 21, 2025
📋 Status: Analyzed
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Block Storage). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Kit. Successful attacks of this vulnerability can result in takeover of Oracle ZFS Storage Appliance Kit. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
CVSS v3.1 • [email protected]
🎯 Affected Products & Systems
1 product configurations affected
Filter by type:
| Type | Vendor | Product | Version Range | Status | CPE String |
|---|---|---|---|---|---|
📱App | oracle | zfs storage appliance kit | 8.8 | Vulnerable | cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:* |
📱
VulnerableApplication
Version: 8.8
CPE:
cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*
Metrics
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector:
NETWORK
Complexity:
LOW
Privileges:
HIGH
User Interaction:
NONE
Confidentiality:
HIGH
Integrity:
HIGH
Availability:
HIGH
Scope:
UNCHANGED
🔍 Technical Details
Analysis Status
AnalyzedCVSS Details
7.2 (HIGH)v3.1
Source: [email protected]
EPSS Details
0.1% (Minimal)28.4th percentile
Last updated: Oct 30, 2025
Exploitation probability within 30 days
Published Date
Oct 21, 2025 (11 days ago)
Last Modified
Oct 23, 2025 (9 days ago)
Security Weaknesses1
CWE-284
References2
NVDgeneral