10
CVE-2017-10151
- EPSS 13.79%
- Published 30.10.2017 20:29:00
- Last modified 20.04.2025 01:37:25
- Source secalert_us@oracle.com
- Teams watchlist Login
- Open Login
Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Default Account). Supported versions that are affected are 11.1.1.7, 11.1.2.3 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Identity Manager. While the vulnerability is in Oracle Identity Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Identity Manager. CVSS 3.0 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
Data is provided by the National Vulnerability Database (NVD)
Oracle ≫ Identity Manager Version11.1.1.7
Oracle ≫ Identity Manager Version11.1.1.9
Oracle ≫ Identity Manager Version11.1.2.1.0
Oracle ≫ Identity Manager Version11.1.2.2.0
Oracle ≫ Identity Manager Version11.1.2.3
Oracle ≫ Identity Manager Version12.2.1.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 13.79% | 0.94 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 3.9 | 6 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|