ID CVE-2017-10125
Summary Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 7u141 and 8u131. Difficult to exploit vulnerability allows physical access to compromise Java SE. While the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: Applies to deployment of Java where the Java Auto Update is enabled. CVSS 3.0 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:jdk:1.8.0:update131:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.8.0:update131:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update141:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update141:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update141:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update141:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.8.0:update131:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.8.0:update131:*:*:*:*:*:*
  • cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*
    cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*
  • cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*
    cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*
  • cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:virtual_storage_console:9.6:*:*:*:*:vmware_vsphere:*:*
    cpe:2.3:a:netapp:virtual_storage_console:9.6:*:*:*:*:vmware_vsphere:*:*
  • cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*
    cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*
  • cpe:2.3:a:netapp:active_iq_unified_manager:7.3:*:*:*:*:windows:*:*
    cpe:2.3:a:netapp:active_iq_unified_manager:7.3:*:*:*:*:windows:*:*
  • cpe:2.3:a:netapp:active_iq_unified_manager:9.5:*:*:*:*:windows:*:*
    cpe:2.3:a:netapp:active_iq_unified_manager:9.5:*:*:*:*:windows:*:*
  • cpe:2.3:a:netapp:active_iq_unified_manager:9.6:*:*:*:*:windows:*:*
    cpe:2.3:a:netapp:active_iq_unified_manager:9.6:*:*:*:*:windows:*:*
  • cpe:2.3:a:netapp:active_iq_unified_manager:9.5:*:*:*:*:vmware_vsphere:*:*
    cpe:2.3:a:netapp:active_iq_unified_manager:9.5:*:*:*:*:vmware_vsphere:*:*
  • cpe:2.3:a:netapp:active_iq_unified_manager:9.6:*:*:*:*:vmware_vsphere:*:*
    cpe:2.3:a:netapp:active_iq_unified_manager:9.6:*:*:*:*:vmware_vsphere:*:*
  • cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:7.2:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:7.2:*:*:*:*:vsphere:*:*
    cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:7.2:*:*:*:*:vsphere:*:*
  • cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:9.6:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:9.6:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*
    cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*
  • cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.20:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.20:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.25:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.25:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30.5r3:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30.5r3:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.3r2:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.3r2:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.5:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.5:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.1:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.1:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:-:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:-:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:p1:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:p1:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.0:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.0:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.1:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.1:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.3:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.3:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.1:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.1:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*
    cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:vsphere:*:*
    cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:vsphere:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:6.3:*:*:*:*:vsphere:*:*
    cpe:2.3:a:netapp:oncommand_unified_manager:6.3:*:*:*:*:vsphere:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:6.4:*:*:*:*:vsphere:*:*
    cpe:2.3:a:netapp:oncommand_unified_manager:6.4:*:*:*:*:vsphere:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:7.0:*:*:*:*:vsphere:*:*
    cpe:2.3:a:netapp:oncommand_unified_manager:7.0:*:*:*:*:vsphere:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:7.1:*:*:*:*:vsphere:*:*
    cpe:2.3:a:netapp:oncommand_unified_manager:7.1:*:*:*:*:vsphere:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:6.3:*:*:*:*:windows:*:*
    cpe:2.3:a:netapp:oncommand_unified_manager:6.3:*:*:*:*:windows:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:6.4:*:*:*:*:windows:*:*
    cpe:2.3:a:netapp:oncommand_unified_manager:6.4:*:*:*:*:windows:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:7.0:*:*:*:*:windows:*:*
    cpe:2.3:a:netapp:oncommand_unified_manager:7.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:7.1:*:*:*:*:windows:*:*
    cpe:2.3:a:netapp:oncommand_unified_manager:7.1:*:*:*:*:windows:*:*
  • cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.6:*:*:*:*:vmware_vsphere:*:*
    cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.6:*:*:*:*:vmware_vsphere:*:*
  • cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*
    cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*
CVSS
Base: 4.4 (as of 12-08-2022 - 18:04)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:M/Au:N/C:P/I:P/A:P
refmap via4
bid 99809
confirm
gentoo GLSA-201709-22
sectrack 1038931
Last major update 12-08-2022 - 18:04
Published 08-08-2017 - 15:29
Last modified 12-08-2022 - 18:04
Back to Top