CVE-2017-10102 in Java SEinfo

Zusammenfassung

von MITRE

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

21.06.2017

Veröffentlichung

08.08.2017

Moderieren

akzeptiert

Eintrag

VDB-104012

CPE

bereit

CWE

CWE-284 (bestätigt)

CVSS

9.0 (NVD)

EPSS

0.00358

KEV

nein

Aktivitäten

very low

Sektor

Chemical, Education, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-10102
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-10102
CVE Details	https://www.cvedetails.com/cve/CVE-2017-10102/

◂ Zurück Übersicht Weiter ▸

Do you need the next level of professionalism?

Upgrade your account now!