CVE-2017-3255

CWE-200Information Exposure3 documents3 sources
Severity
5.8MEDIUM
EPSS
0.5%
top 34.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Oracle Jdeveloper
Timeline
PublishedJan 27
Latest updateMay 17

Description

Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: ADF Faces). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, 12.2.1.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle JDeveloper. While the vulnerability is in Oracle JDeveloper, attacks may significantly impact additional products. Successful attacks of this vulnerabili

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

CVEListV5oracle/jdeveloper7 versions+6
NVDoracle/jdeveloper7 versions+6

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

2
GHSA
GHSA-g3mq-97x4-gmv9: Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: ADF Faces)2022-05-17
CVEList
CVE-2017-3255: Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: ADF Faces)2017-01-27
CVE-2017-3255 (MEDIUM CVSS 5.8) | Vulnerability in the Oracle JDevelo | cvebase.io