Oracle ZFS Storage Appliance Kit Object Store Component Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in the Oracle ZFS Storage Appliance Kit, specifically in version 8.8, within the Object Store component. This vulnerability allows a high-privileged attacker with network access via HTTP to cause a complete hang or a frequently repeatable crash of the Oracle ZFS Storage Appliance Kit.

Impact

Exploitation of this vulnerability leads to a complete denial-of-service condition, causing the Oracle ZFS Storage Appliance Kit to hang or crash repeatedly.

Added: Oct 21, 2025, 8:55 PM

Updated: Oct 21, 2025, 8:55 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

4.4

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

4.4

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle ZFS Storage Appliance Kit Object Store Component Denial-of-Service Vulnerability

Vulnerability

Impact

Affected Products

Oracle ZFS Storage Appliance Kit

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating