CVE-2017-10388
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2017-10388
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: Applies to the Java SE Kerberos client. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Oracle Java SE和Oracle Java SE Embedded 访问控制错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Oracle Java SE和Oracle Java SE Embedded都是美国甲骨文(Oracle)公司的产品。Oracle Java SE是一款用于开发和部署桌面、服务器以及嵌入设备和实时环境中的Java应用程序。Oracle Java SE Embedded是一款针对嵌入式系统的、可移植的应用程序的Java平台。 Oracle Java SE和Oracle Java SE Embedded中的Libraries子组件存在访问控制错误漏洞。攻击者可利用该漏洞控制组件,影响数据的完整性、保密性和可用
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Oracle Corporation | Java | Java SE: 6u161 | - |
II. Public POCs for CVE-2017-10388
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2017-10388
请登录查看更多情报信息。
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlx_refsource_CONFIRM
- https://security.netapp.com/advisory/ntap-20171019-0001/x_refsource_CONFIRM
- https://www.synology.com/support/security/Synology_SA_17_66_OpenJDKx_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2017-10388
Same Patch Batch · Oracle Corporation · 2017-10-19 · 178 CVEs total
| CVE-2017-10372 | Oracle Hospitality Applications Oracle Hospitality Guest Access组件安全漏洞 | |
| CVE-2017-10359 | Oracle Hyperion Oracle Hyperion BI+组件安全漏洞 | |
| CVE-2017-10360 | Oracle Fusion Middleware Oracle WebCenter Content组件安全漏洞 | |
| CVE-2017-10361 | Oracle Hospitality Applications Oracle Hospitality Cruise Shipboard Property Management Sy | |
| CVE-2017-10362 | Oracle PeopleSoft Products PeopleSoft Enterprise PeopleTools组件安全漏洞 | |
| CVE-2017-10363 | Oracle Financial Services Applications Oracle FLEXCUBE Universal Banking组件安全漏洞 | |
| CVE-2017-10365 | Oracle MySQL Server组件安全漏洞 | |
| CVE-2017-10366 | Oracle PeopleSoft Products PeopleSoft Enterprise PT PeopleTools组件安全漏洞 | |
| CVE-2017-10367 | Oracle Hospitality Applications Oracle Hospitality Simphony组件安全漏洞 | |
| CVE-2017-10368 | Oracle PeopleSoft Products PeopleSoft Enterprise SCM eProcurement组件安全漏洞 | |
| CVE-2017-10369 | Oracle Fusion Middleware Oracle Virtual Directory组件安全漏洞 | |
| CVE-2017-10370 | Oracle Hospitality Applications Oracle Hospitality Guest Access组件安全漏洞 | |
| CVE-2017-10381 | Oracle PeopleSoft Products PeopleSoft Enterprise PeopleTools组件安全漏洞 | |
| CVE-2017-10386 | Oracle Java SE Java Advanced Management Console组件安全漏洞 | |
| CVE-2017-10385 | Oracle Fusion Middleware Oracle GlassFish Server组件安全漏洞 | |
| CVE-2017-10384 | Oracle MySQL Server组件安全漏洞 | |
| CVE-2017-10383 | Oracle Hospitality Applications Oracle Hospitality Guest Access组件安全漏洞 | |
| CVE-2017-10382 | Oracle PeopleSoft Products PeopleSoft Enterprise PeopleTools组件安全漏洞 | |
| CVE-2017-10378 | Oracle MySQL Server组件安全漏洞 | |
| CVE-2017-10373 | Oracle PeopleSoft Products PeopleSoft Enterprise PT PeopleTools组件安全漏洞 |
Showing top 20 of 178 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2017-10388
No comments yet