CVE-2009-3390

Name: CVE-2009-3390
Creator: NVD / NIST
Published: 2009-09-24T18:30:00.547+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.42%

Last modified Jun 16, 2026

CVE-2009-3390 is a vulnerability of currently unknown severity. Multiple unspecified vulnerabilities in the (1) iscsiadm and (2) iscsitadm programs in Sun Solaris 10, and OpenSolaris snv_28 through snv_109, allow local users with certain RBAC execution profiles to gain privileges via unknown vectors related to the libima library.. EPSS estimates a 0.42% chance of exploitation in the next 30 days.

Description

Multiple unspecified vulnerabilities in the (1) iscsiadm and (2) iscsitadm programs in Sun Solaris 10, and OpenSolaris snv_28 through snv_109, allow local users with certain RBAC execution profiles to gain privileges via unknown vectors related to the libima library.

Metrics

EPSS Probability

0.42%

33.9th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Sun	Opensolaris	snv_30
Sun	Opensolaris	snv_31
Sun	Opensolaris	snv_32
Sun	Opensolaris	snv_33
Sun	Opensolaris	snv_34
Sun	Opensolaris	snv_35
Sun	Opensolaris	snv_36
Sun	Opensolaris	snv_37
Sun	Opensolaris	snv_38
Sun	Opensolaris	snv_39
Sun	Opensolaris	snv_40
Sun	Opensolaris	snv_41
Sun	Opensolaris	snv_42
Sun	Opensolaris	snv_43
Sun	Opensolaris	snv_44
Sun	Opensolaris	snv_45
Sun	Opensolaris	snv_46
Sun	Opensolaris	snv_47
Sun	Opensolaris	snv_48
Sun	Opensolaris	snv_49
Sun	Opensolaris	snv_50
Sun	Opensolaris	snv_51
Sun	Opensolaris	snv_52
Sun	Opensolaris	snv_53
Sun	Opensolaris	snv_54
Sun	Opensolaris	snv_55
Sun	Opensolaris	snv_56
Sun	Opensolaris	snv_57
Sun	Opensolaris	snv_58
Sun	Opensolaris	snv_59
Sun	Opensolaris	snv_60
Sun	Opensolaris	snv_61
Sun	Opensolaris	snv_62
Sun	Opensolaris	snv_63
Sun	Opensolaris	snv_64
Sun	Opensolaris	snv_65
Sun	Opensolaris	snv_66
Sun	Opensolaris	snv_67
Sun	Opensolaris	snv_68
Sun	Opensolaris	snv_69
Sun	Opensolaris	snv_70
Sun	Opensolaris	snv_71
Sun	Opensolaris	snv_72
Sun	Opensolaris	snv_73
Sun	Opensolaris	snv_74
Sun	Opensolaris	snv_75
Sun	Opensolaris	snv_76
Sun	Opensolaris	snv_77
Sun	Opensolaris	snv_78
Sun	Opensolaris	snv_79

Showing 50 of 82 affected configurations. See NVD for the full list.

References

http://sunsolve.sun.com/search/document.do?assetkey=1-21-119090-33-1Patch, Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-66-261849-1Patch, Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-21-119090-33-1Patch, Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-66-261849-1Patch, Vendor Advisory

Timeline

Published: Sep 24, 2009
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2009-3390?

How severe is CVE-2009-3390?

Severity scoring for CVE-2009-3390 is pending analysis. The EPSS model estimates a 0.42% probability of exploitation in the next 30 days.

How do I fix CVE-2009-3390?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2009-3390?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST