Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2017-10356
Modified
More InfoOfficial Page
Source-secalert_us@oracle.com
View Known Exploited Vulnerability (KEV) details
Published At-19 Oct, 2017 | 17:29
Updated At-13 May, 2026 | 00:24

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedded, JRockit executes to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.2MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary2.02.1LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Type: Primary
Version: 3.1
Base score: 6.2
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Type: Primary
Version: 2.0
Base score: 2.1
Base severity: LOW
Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:N
CPE Matches
Oracle Corporation
oracle
>>jdk>>1.6.0
cpe:2.3:a:oracle:jdk:1.6.0:update161:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:update151:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.8.0
cpe:2.3:a:oracle:jdk:1.8.0:update144:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.9.0
cpe:2.3:a:oracle:jdk:1.9.0:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update161:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:update151:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.8.0
cpe:2.3:a:oracle:jre:1.8.0:update144:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.9.0
cpe:2.3:a:oracle:jre:1.9.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>satellite>>5.8
cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_desktop>>6.0
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_desktop>>7.0
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_eus>>7.4
cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_eus>>7.5
cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_eus>>7.6
cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_eus>>7.7
cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_server>>6.0
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_server>>7.0
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_server_aus>>7.4
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_server_aus>>7.6
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_server_aus>>7.7
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_server_tus>>7.4
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_server_tus>>7.6
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_server_tus>>7.7
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_workstation>>6.0
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_workstation>>7.0
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
NetApp, Inc.
netapp
>>active_iq_unified_manager>>Versions from 7.3(inclusive)
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*
NetApp, Inc.
netapp
>>active_iq_unified_manager>>Versions from 9.5(inclusive)
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*
NetApp, Inc.
netapp
>>cloud_backup>>-
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
NetApp, Inc.
netapp
>>e-series_santricity_management_plug-ins>>-
cpe:2.3:a:netapp:e-series_santricity_management_plug-ins:-:*:*:*:*:vmware_vcenter:*:*
NetApp, Inc.
netapp
>>e-series_santricity_os_controller>>Versions from 11.0(inclusive) to 11.70.1(inclusive)
cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*
NetApp, Inc.
netapp
>>e-series_santricity_storage_manager>>-
cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*
NetApp, Inc.
netapp
>>e-series_santricity_web_services>>-
cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*
NetApp, Inc.
netapp
>>element_software>>-
cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*
NetApp, Inc.
netapp
>>oncommand_balance>>-
cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*
NetApp, Inc.
netapp
>>oncommand_insight>>-
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
NetApp, Inc.
netapp
>>oncommand_performance_manager>>-
cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*
NetApp, Inc.
netapp
>>oncommand_shift>>-
cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*
NetApp, Inc.
netapp
>>oncommand_unified_manager>>Versions up to 7.1(inclusive)
cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*
NetApp, Inc.
netapp
>>oncommand_unified_manager>>Versions up to 7.1(inclusive)
cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*
NetApp, Inc.
netapp
>>oncommand_unified_manager>>-
cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*
NetApp, Inc.
netapp
>>oncommand_workflow_automation>>-
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
NetApp, Inc.
netapp
>>plug-in_for_symantec_netbackup>>-
cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*
NetApp, Inc.
netapp
>>snapmanager>>-
cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*
NetApp, Inc.
netapp
>>snapmanager>>-
cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*
NetApp, Inc.
netapp
>>steelstore_cloud_integrated_storage>>-
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
NetApp, Inc.
netapp
>>storage_replication_adapter_for_clustered_data_ontap>>Versions from 7.2(inclusive)
cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:vmware_vsphere:*:*
NetApp, Inc.
netapp
>>storage_replication_adapter_for_clustered_data_ontap>>Versions from 7.2(inclusive)
cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*
NetApp, Inc.
netapp
>>vasa_provider_for_clustered_data_ontap>>Versions from 7.2(inclusive)
cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*
NetApp, Inc.
netapp
>>vasa_provider_for_clustered_data_ontap>>6.0
cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*
NetApp, Inc.
netapp
>>virtual_storage_console>>Versions from 7.2(inclusive)
cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlsecalert_us@oracle.com
Patch
Vendor Advisory
http://www.securityfocus.com/bid/101413secalert_us@oracle.com
Broken Link
http://www.securitytracker.com/id/1039596secalert_us@oracle.com
Broken Link
https://access.redhat.com/errata/RHSA-2017:2998secalert_us@oracle.com
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2999secalert_us@oracle.com
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3046secalert_us@oracle.com
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3047secalert_us@oracle.com
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3264secalert_us@oracle.com
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3267secalert_us@oracle.com
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3268secalert_us@oracle.com
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3392secalert_us@oracle.com
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3453secalert_us@oracle.com
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2017/11/msg00033.htmlsecalert_us@oracle.com
Mailing List
Third Party Advisory
https://security.gentoo.org/glsa/201710-31secalert_us@oracle.com
Third Party Advisory
https://security.gentoo.org/glsa/201711-14secalert_us@oracle.com
Third Party Advisory
https://security.netapp.com/advisory/ntap-20171019-0001/secalert_us@oracle.com
Third Party Advisory
https://www.debian.org/security/2017/dsa-4015secalert_us@oracle.com
Third Party Advisory
https://www.debian.org/security/2017/dsa-4048secalert_us@oracle.com
Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.securityfocus.com/bid/101413af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.securitytracker.com/id/1039596af854a3a-2127-422b-91ae-364da2661108
Broken Link
https://access.redhat.com/errata/RHSA-2017:2998af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2999af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3046af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3047af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3264af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3267af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3268af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3392af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3453af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2017/11/msg00033.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
https://security.gentoo.org/glsa/201710-31af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://security.gentoo.org/glsa/201711-14af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://security.netapp.com/advisory/ntap-20171019-0001/af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.debian.org/security/2017/dsa-4015af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.debian.org/security/2017/dsa-4048af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Hyperlink: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
Source: secalert_us@oracle.com
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/101413
Source: secalert_us@oracle.com
Resource:
Broken Link
Hyperlink: http://www.securitytracker.com/id/1039596
Source: secalert_us@oracle.com
Resource:
Broken Link
Hyperlink: https://access.redhat.com/errata/RHSA-2017:2998
Source: secalert_us@oracle.com
Resource:
Third Party Advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2017:2999
Source: secalert_us@oracle.com
Resource:
Third Party Advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2017:3046
Source: secalert_us@oracle.com
Resource:
Third Party Advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2017:3047
Source: secalert_us@oracle.com
Resource:
Third Party Advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2017:3264
Source: secalert_us@oracle.com
Resource:
Third Party Advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2017:3267
Source: secalert_us@oracle.com
Resource:
Third Party Advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2017:3268
Source: secalert_us@oracle.com
Resource:
Third Party Advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2017:3392
Source: secalert_us@oracle.com
Resource:
Third Party Advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2017:3453
Source: secalert_us@oracle.com
Resource:
Third Party Advisory
Hyperlink: https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html
Source: secalert_us@oracle.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: https://security.gentoo.org/glsa/201710-31
Source: secalert_us@oracle.com
Resource:
Third Party Advisory
Hyperlink: https://security.gentoo.org/glsa/201711-14
Source: secalert_us@oracle.com
Resource:
Third Party Advisory
Hyperlink: https://security.netapp.com/advisory/ntap-20171019-0001/
Source: secalert_us@oracle.com
Resource:
Third Party Advisory
Hyperlink: https://www.debian.org/security/2017/dsa-4015
Source: secalert_us@oracle.com
Resource:
Third Party Advisory
Hyperlink: https://www.debian.org/security/2017/dsa-4048
Source: secalert_us@oracle.com
Resource:
Third Party Advisory
Hyperlink: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/101413
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.securitytracker.com/id/1039596
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: https://access.redhat.com/errata/RHSA-2017:2998
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2017:2999
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2017:3046
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2017:3047
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2017:3264
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2017:3267
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2017:3268
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2017:3392
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2017:3453
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: https://security.gentoo.org/glsa/201710-31
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://security.gentoo.org/glsa/201711-14
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://security.netapp.com/advisory/ntap-20171019-0001/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://www.debian.org/security/2017/dsa-4015
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://www.debian.org/security/2017/dsa-4048
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Change History
0Changes found
Details not found