QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2017-10388

Back to search

CVE-2017-10388

Published: Oct 19, 2017

Modified: Oct 4, 2024

PUBLISHED

Description

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: Applies to the Java SE Kerberos client. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).

VendorProductVersions

Oracle Corporation

Java

affected
Java SE: 6u161
affected
7u151
affected
8u144
affected
9; Java SE Embedded: 8u144

References

RHSA-2017:3047
vendor-advisory
x_refsource_REDHAT
GLSA-201711-14
vendor-advisory
x_refsource_GENTOO
101321
vdb-entry
x_refsource_BID
DSA-4015
vendor-advisory
x_refsource_DEBIAN
RHSA-2017:3267
vendor-advisory
x_refsource_REDHAT
RHSA-2017:2998
vendor-advisory
x_refsource_REDHAT
RHSA-2017:3268
vendor-advisory
x_refsource_REDHAT
RHSA-2017:3046
vendor-advisory
x_refsource_REDHAT
1039596
vdb-entry
x_refsource_SECTRACK
GLSA-201710-31
vendor-advisory
x_refsource_GENTOO
RHSA-2017:3264
vendor-advisory
x_refsource_REDHAT
DSA-4048
vendor-advisory
x_refsource_DEBIAN
RHSA-2017:3453
vendor-advisory
x_refsource_REDHAT
RHSA-2017:3392
vendor-advisory
x_refsource_REDHAT
RHSA-2017:2999
vendor-advisory
x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now