5.3
CVE-2017-10053
- EPSS 1.28%
- Published 08.08.2017 15:29:01
- Last modified 20.04.2025 01:37:25
- Source secalert_us@oracle.com
- Teams watchlist Login
- Open Login
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
Data is provided by the National Vulnerability Database (NVD)
Debian ≫ Debian Linux Version9.0
Debian ≫ Debian Linux Version10.0
Redhat ≫ Enterprise Linux Desktop Version6.0
Redhat ≫ Enterprise Linux Desktop Version7.0
Redhat ≫ Enterprise Linux Eus Version7.3
Redhat ≫ Enterprise Linux Eus Version7.4
Redhat ≫ Enterprise Linux Eus Version7.5
Redhat ≫ Enterprise Linux Eus Version7.6
Redhat ≫ Enterprise Linux Eus Version7.7
Redhat ≫ Enterprise Linux Server Version6.0
Redhat ≫ Enterprise Linux Server Version7.0
Redhat ≫ Enterprise Linux Server Aus Version7.3
Redhat ≫ Enterprise Linux Server Aus Version7.4
Redhat ≫ Enterprise Linux Server Aus Version7.6
Redhat ≫ Enterprise Linux Server Aus Version7.7
Redhat ≫ Enterprise Linux Server Tus Version7.3
Redhat ≫ Enterprise Linux Server Tus Version7.4
Redhat ≫ Enterprise Linux Server Tus Version7.6
Redhat ≫ Enterprise Linux Server Tus Version7.7
Redhat ≫ Enterprise Linux Workstation Version6.0
Redhat ≫ Enterprise Linux Workstation Version7.0
Netapp ≫ Active Iq Unified Manager SwPlatformwindows Version >= 7.3
Netapp ≫ Active Iq Unified Manager SwPlatformvmware_vsphere Version >= 9.5
Netapp ≫ Cloud Backup Version-
Netapp ≫ E-series Santricity Os Controller Version >= 11.0 <= 11.70.1
Netapp ≫ E-series Santricity Storage Manager Version-
Netapp ≫ Element Software Version-
Netapp ≫ Oncommand Balance Version-
Netapp ≫ Oncommand Insight Version-
Netapp ≫ Oncommand Performance Manager Version- SwPlatformvmware_vsphere
Netapp ≫ Oncommand Shift Version-
Netapp ≫ Oncommand Unified Manager SwPlatformvsphere Version <= 7.1
Netapp ≫ Oncommand Unified Manager SwPlatformwindows Version <= 7.1
Netapp ≫ Oncommand Unified Manager Version- SwPlatform7-mode
Netapp ≫ Plug-in For Symantec Netbackup Version-
Netapp ≫ Snapmanager Version- SwPlatformoracle
Netapp ≫ Snapmanager Version- SwPlatformsap
Netapp ≫ Steelstore Cloud Integrated Storage Version-
Netapp ≫ Storage Replication Adapter For Clustered Data Ontap SwPlatformwindows Version >= 7.2
Netapp ≫ Vasa Provider SwPlatformclustered_data_ontap Version >= 7.2
Netapp ≫ Vasa Provider Version6.0 SwPlatformclustered_data_ontap
Netapp ≫ Virtual Storage Console SwPlatformvsphere Version >= 7.2
Netapp ≫ Virtual Storage Console Version6.0 SwPlatformvsphere
Netapp ≫ Virtual Storage Console Version6.2.2 SwPlatformvsphere
Phoenixcontact ≫ Fl Mguard Dm Version <= 1.8.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.28% | 0.79 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|