How severe is CVE-2017-10198?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.8 out of 10.

What type of vulnerability is CVE-2017-10198?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2017-10198

MEDIUM Year: 2017

CVSS v3 Score

6.8

Medium

CVSS v2 Score

4.3

Medium

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N).

CVE-2012-1695

MEDIUM

CVSS:6.8(Medium)

Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware 28.2.2 and earlier, and JDK/JRE 5 and 6 27.7.1 and earlier, allows remote attackers to affect confidentiality, int...

NVD-CWE-Other2012

CVE-2015-8262

MEDIUM

CVSS:6.8(Medium)

Buffalo WZR-600DHP2 devices with firmware 2.09, 2.13, and 2.16 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof re...

NVD-CWE-Other2015

CVE-2015-8816

MEDIUM

CVSS:6.8(Medium)

The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a d...

NVD-CWE-Other2015

CVE-2016-1285

MEDIUM

CVSS:6.8(Medium)

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (...

NVD-CWE-Other2016

CVE-2016-5304

MEDIUM

CVSS:6.8(Medium)

Open redirect vulnerability in a report-routing component in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to redirect users to arbitrary web sites ...

NVD-CWE-Other2016

CVE-2016-8318

MEDIUM

CVSS:6.8(Medium)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exp...

NVD-CWE-Other2016

CVE-2017-10198

Vulnerability Description

Related Vulnerabilities

CVE-2012-1695

CVE-2015-8262

CVE-2015-8816

CVE-2016-1285

CVE-2016-5304

CVE-2016-8318