CVE-2017-10293

6 documents6 sources

Severity

6.1MEDIUM

EPSS

0.4%

top 37.37%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Netapp E-series Santricity OS Controller Netapp Oncommand Unified Manager Oracle Corporation Java +6 more

Timeline

PublishedOct 19

Latest updateMay 13

Description

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages9 packages

▶CVEListV5oracle_corporation/java4 versions+3

▶NVDoracle/jdk4 versions+3

▶NVDoracle/jre4 versions+3

▶NVDnetapp/oncommand_unified_manager7.1

▶NVDnetapp/e-series_santricity_os_controller11.0 — 11.70.1

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-42p8-x3rm-58mv: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc)↗2022-05-13

▶

CVEList

CVE-2017-10293: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc)↗2017-10-19

▶

📋Vendor Advisories

Red Hat

JDK: unspecified vulnerability fixed in 6u171, 7u161, 8u151, and 9.0.1 (Javadoc)↗2017-10-17

▶

Debian

CVE-2017-10293: openjdk-8 - Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc)...↗2017

▶

💬Community

Bugzilla

CVE-2017-10293 Oracle JDK: unspecified vulnerability fixed in 6u171, 7u161, 8u151, and 9.0.1 (Javadoc)↗2017-10-17

▶