9
CVE-2017-10102
- EPSS 0.67%
- Published 08.08.2017 15:29:03
- Last modified 20.04.2025 01:37:25
- Source secalert_us@oracle.com
- Teams watchlist Login
- Open Login
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).
Data is provided by the National Vulnerability Database (NVD)
Debian ≫ Debian Linux Version8.0
Debian ≫ Debian Linux Version9.0
Phoenixcontact ≫ Fl Mguard Dm Version <= 1.8.0
Netapp ≫ Active Iq Unified Manager SwPlatformwindows Version >= 7.3
Netapp ≫ Active Iq Unified Manager SwPlatformvmware_vsphere Version >= 9.5
Netapp ≫ Cloud Backup Version-
Netapp ≫ E-series Santricity Os Controller Version >= 11.0 <= 11.70.1
Netapp ≫ E-series Santricity Storage Manager Version-
Netapp ≫ Element Software Version-
Netapp ≫ Oncommand Balance Version-
Netapp ≫ Oncommand Insight Version-
Netapp ≫ Oncommand Performance Manager Version- SwPlatformvmware_vsphere
Netapp ≫ Oncommand Shift Version-
Netapp ≫ Oncommand Unified Manager SwPlatformvsphere Version <= 7.1
Netapp ≫ Oncommand Unified Manager SwPlatformwindows Version <= 7.1
Netapp ≫ Oncommand Unified Manager Version- SwPlatform7-mode
Netapp ≫ Plug-in For Symantec Netbackup Version-
Netapp ≫ Snapmanager Version- SwPlatformoracle
Netapp ≫ Snapmanager Version- SwPlatformsap
Netapp ≫ Steelstore Cloud Integrated Storage Version-
Netapp ≫ Storage Replication Adapter For Clustered Data Ontap SwPlatformwindows Version >= 7.2
Netapp ≫ Vasa Provider For Clustered Data Ontap Version >= 7.2
Netapp ≫ Vasa Provider For Clustered Data Ontap Version6.0
Netapp ≫ Virtual Storage Console SwPlatformvmware_vsphere Version >= 7.2
Netapp ≫ Virtual Storage Console Version6.0 SwPlatformvmware_vsphere
Redhat ≫ Enterprise Linux Desktop Version6.0
Redhat ≫ Enterprise Linux Desktop Version7.0
Redhat ≫ Enterprise Linux Eus Version7.3
Redhat ≫ Enterprise Linux Eus Version7.4
Redhat ≫ Enterprise Linux Eus Version7.5
Redhat ≫ Enterprise Linux Eus Version7.6
Redhat ≫ Enterprise Linux Eus Version7.7
Redhat ≫ Enterprise Linux Server Version6.0
Redhat ≫ Enterprise Linux Server Version7.0
Redhat ≫ Enterprise Linux Server Aus Version7.3
Redhat ≫ Enterprise Linux Server Aus Version7.4
Redhat ≫ Enterprise Linux Server Aus Version7.6
Redhat ≫ Enterprise Linux Server Aus Version7.7
Redhat ≫ Enterprise Linux Server Tus Version7.3
Redhat ≫ Enterprise Linux Server Tus Version7.4
Redhat ≫ Enterprise Linux Server Tus Version7.6
Redhat ≫ Enterprise Linux Server Tus Version7.7
Redhat ≫ Enterprise Linux Workstation Version6.0
Redhat ≫ Enterprise Linux Workstation Version7.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.67% | 0.706 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9 | 2.2 | 6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|