FKIE_CVE-2017-10053

Vulnerability from fkie_nvd - Published: 2017-08-08 15:29 - Updated: 2025-04-20 01:37
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
secalert_us@oracle.comhttp://www.debian.org/security/2017/dsa-3919Third Party Advisory
secalert_us@oracle.comhttp://www.debian.org/security/2017/dsa-3954Third Party Advisory
secalert_us@oracle.comhttp://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.htmlPatch, Vendor Advisory
secalert_us@oracle.comhttp://www.securityfocus.com/bid/99842Third Party Advisory, VDB Entry
secalert_us@oracle.comhttp://www.securitytracker.com/id/1038931Third Party Advisory, VDB Entry
secalert_us@oracle.comhttps://access.redhat.com/errata/RHSA-2017:1789Third Party Advisory
secalert_us@oracle.comhttps://access.redhat.com/errata/RHSA-2017:1790Third Party Advisory
secalert_us@oracle.comhttps://access.redhat.com/errata/RHSA-2017:1791Third Party Advisory
secalert_us@oracle.comhttps://access.redhat.com/errata/RHSA-2017:1792Third Party Advisory
secalert_us@oracle.comhttps://access.redhat.com/errata/RHSA-2017:2424Third Party Advisory
secalert_us@oracle.comhttps://access.redhat.com/errata/RHSA-2017:2469Third Party Advisory
secalert_us@oracle.comhttps://access.redhat.com/errata/RHSA-2017:2481Third Party Advisory
secalert_us@oracle.comhttps://access.redhat.com/errata/RHSA-2017:2530Third Party Advisory
secalert_us@oracle.comhttps://access.redhat.com/errata/RHSA-2017:3453Third Party Advisory
secalert_us@oracle.comhttps://cert.vde.com/en-us/advisories/vde-2017-002Third Party Advisory
secalert_us@oracle.comhttps://security.gentoo.org/glsa/201709-22Third Party Advisory
secalert_us@oracle.comhttps://security.netapp.com/advisory/ntap-20170720-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2017/dsa-3919Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2017/dsa-3954Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/99842Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1038931Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1789Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1790Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1791Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1792Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2424Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2469Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2481Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2530Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:3453Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert.vde.com/en-us/advisories/vde-2017-002Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201709-22Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20170720-0001/Third Party Advisory
Impacted products
Vendor Product Version
oracle jdk 1.6.0
oracle jdk 1.7.0
oracle jdk 1.8.0
oracle jre 1.6.0
oracle jre 1.7.0
oracle jre 1.8.0
oracle jrockit r28.3.14
debian debian_linux 9.0
debian debian_linux 10.0
redhat satellite 5.8
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.6
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_aus 7.7
redhat enterprise_linux_server_tus 7.3
redhat enterprise_linux_server_tus 7.4
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_workstation 7.0
netapp active_iq_unified_manager *
netapp active_iq_unified_manager *
netapp cloud_backup -
netapp e-series_santricity_os_controller *
netapp e-series_santricity_storage_manager -
netapp element_software -
netapp oncommand_balance -
netapp oncommand_insight -
netapp oncommand_performance_manager -
netapp oncommand_shift -
netapp oncommand_unified_manager *
netapp oncommand_unified_manager *
netapp oncommand_unified_manager -
netapp plug-in_for_symantec_netbackup -
netapp snapmanager -
netapp snapmanager -
netapp steelstore_cloud_integrated_storage -
netapp storage_replication_adapter_for_clustered_data_ontap *
netapp storage_replication_adapter_for_clustered_data_ontap 9.6
netapp vasa_provider *
netapp vasa_provider 6.0
netapp virtual_storage_console *
netapp virtual_storage_console 6.0
netapp virtual_storage_console 6.2.2
phoenixcontact fl_mguard_dm *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update151:*:*:*:*:*:*",
              "matchCriteriaId": "A3322D72-6B56-467E-90E5-5DCE0FA1F431",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update141:*:*:*:*:*:*",
              "matchCriteriaId": "C4D0E043-D34F-446D-879B-692E3CF500C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update131:*:*:*:*:*:*",
              "matchCriteriaId": "106E9F69-857A-42F8-A727-2650C896D3B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update151:*:*:*:*:*:*",
              "matchCriteriaId": "673DD72C-4FC8-406A-A24A-B06DD709649C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update141:*:*:*:*:*:*",
              "matchCriteriaId": "363C8E7E-2EEA-4308-A141-854B9EC17AAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.8.0:update131:*:*:*:*:*:*",
              "matchCriteriaId": "595FC4B7-418E-457C-ADCC-0A49A676D629",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jrockit:r28.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B1FE26D-1936-475A-B644-BBB4281FB5C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "BD075607-09B7-493E-8611-66D041FFDA62",
              "versionStartIncluding": "7.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*",
              "matchCriteriaId": "0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB",
              "versionStartIncluding": "9.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "73F81EC3-4AB0-4CD7-B845-267C5974DE98",
              "versionEndIncluding": "11.70.1",
              "versionStartIncluding": "11.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D9CC59D-6182-4B5E-96B5-226FCD343916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*",
              "matchCriteriaId": "698C6261-679D-45C1-A396-57AC96AD64D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BD81527-A341-42C3-9AB9-880D3DB04B08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*",
              "matchCriteriaId": "E32A4C2E-3DA6-4BE5-9D95-9F800B01ED9A",
              "versionEndIncluding": "7.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "1A79A7B7-2CE9-4F5E-B76D-01A882C66226",
              "versionEndIncluding": "7.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*",
              "matchCriteriaId": "3FA5E22C-489B-4C5F-A5F3-C03F45CA8811",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFE0A9D2-9A49-4BF6-BC6F-8249162D8334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*",
              "matchCriteriaId": "26A2B713-7D6D-420A-93A4-E0D983C983DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*",
              "matchCriteriaId": "64DE38C8-94F1-4860-B045-F33928F676A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "1E35D95E-CCBF-4335-A4DB-02218BA172DE",
              "versionStartIncluding": "7.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4022E33-B50C-4B0D-8485-F9091B6E57E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:vasa_provider:*:*:*:*:*:clustered_data_ontap:*:*",
              "matchCriteriaId": "C57F75D8-DF7A-49D1-BB27-FF21661107B3",
              "versionStartIncluding": "7.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:vasa_provider:6.0:*:*:*:*:clustered_data_ontap:*:*",
              "matchCriteriaId": "74118415-7E65-4D4B-A5E8-51D17CE5B6EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vsphere:*:*",
              "matchCriteriaId": "066C2961-E9C4-418E-82AF-1A7C35D5C085",
              "versionStartIncluding": "7.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vsphere:*:*",
              "matchCriteriaId": "C54F036F-C6F9-47B5-AFFA-DD3C1D08DD9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:virtual_storage_console:6.2.2:*:*:*:*:vsphere:*:*",
              "matchCriteriaId": "88B2E009-A457-4C3D-A8CF-84B7F3E8DA90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:phoenixcontact:fl_mguard_dm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8556AADE-54E7-4D1B-A5AB-D37EF3B4962E",
              "versionEndIncluding": "1.8.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: 2D). Las versiones compatibles que se han visto afectadas son JavaSE: 6u151, 7u141 y 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por medio de m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos a esta vulnerabilidad pueden dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad puede ser explotada mediante aplicaciones en sandbox Java Web Start y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 5.3 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
    }
  ],
  "id": "CVE-2017-10053",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-08-08T15:29:01.773",
  "references": [
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2017/dsa-3919"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2017/dsa-3954"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99842"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038931"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:1789"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:1790"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:1791"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:1792"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2424"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2469"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2481"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2530"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:3453"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201709-22"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2017/dsa-3919"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2017/dsa-3954"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99842"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:1789"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:1790"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:1791"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:1792"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2424"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2469"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2481"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2530"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:3453"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201709-22"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
    }
  ],
  "sourceIdentifier": "secalert_us@oracle.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.