How severe is CVE-2017-10104?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.4 out of 10.

What type of vulnerability is CVE-2017-10104?

This is classified as CWE-269, which is a common weakness in software security.

CVE-2017-10104

HIGH Year: 2017

CVSS v3 Score

7.4

High

CVSS v2 Score

6.5

Medium

Weakness Type

CWE-269

View all →

Vulnerability Description

Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). The supported version that is affected is Java Advanced Management Console: 2.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Java Advanced Management Console. While the vulnerability is in Java Advanced Management Console, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java Advanced Management Console accessible data as well as unauthorized read access to a subset of Java Advanced Management Console accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java Advanced Management Console. CVSS 3.0 Base Score 7.4 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L).

CVE-2016-9928

HIGH

CVSS:7.4(High)

MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd party's roster as another user, which will...

CWE-2692016

CVE-2017-6924

HIGH

CVSS:7.4(High)

In Drupal 8 prior to 8.3.7; When using the REST API, users without the correct permission can post comments via REST that are approved even if the user does not have permission to post approved commen...

CWE-2692017

CVE-2018-1000028

HIGH

CVSS:7.4(High)

Linux kernel version after commit bdcf0a423ea1 - 4.15-rc4+, 4.14.8+, 4.9.76+, 4.4.111+ contains a Incorrect Access Control vulnerability in NFS server (nfsd) that can result in remote users reading or...

CWE-2692018

CVE-2018-11767

HIGH

CVSS:7.4(High)

In Apache Hadoop 2.9.0 to 2.9.1, 2.8.3 to 2.8.4, 2.7.5 to 2.7.6, KMS blocking users or granting access to users incorrectly, if the system uses non-default groups mapping mechanisms.

CWE-2692018

CVE-2023-52093

HIGH

CVSS:7.4(High)

An exposed dangerous function vulnerability in the Trend Micro Apex One agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain ...

CWE-2692023

CVE-2024-27264

HIGH

CVSS:7.4(High)

IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run wi...

CWE-2692024

CVE-2017-10104

Vulnerability Description

Related Vulnerabilities

CVE-2016-9928

CVE-2017-6924

CVE-2018-1000028

CVE-2018-11767

CVE-2023-52093

CVE-2024-27264