How severe is CVE-2017-10273?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.7 out of 10.

What type of vulnerability is CVE-2017-10273?

This is classified as CWE-22, which is a common weakness in software security.

CVE-2017-10273

MEDIUM Year: 2017

CVSS v3 Score

4.7

Medium

CVSS v2 Score

3.7

Low

Weakness Type

CWE-22

View all →

Vulnerability Description

Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Deployment). Supported versions that are affected are 11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0 and 12.2.1.2.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle JDeveloper executes to compromise Oracle JDeveloper. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle JDeveloper, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle JDeveloper accessible data as well as unauthorized read access to a subset of Oracle JDeveloper accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle JDeveloper. CVSS 3.0 Base Score 4.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L).

CVE-2018-1000532

MEDIUM

CVSS:4.7(Medium)

beep version 1.3 and up contains a External Control of File Name or Path vulnerability in --device option that can result in Local unprivileged user can inhibit execution of arbitrary programs by othe...

CWE-222018

CVE-2018-1261

MEDIUM

CVSS:4.7(Medium)

Spring-integration-zip versions prior to 1.0.1 exposes an arbitrary file write vulnerability, which can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar, x...

CWE-222018

CVE-2018-1263

MEDIUM

CVSS:4.7(Medium)

Addresses partial fix in CVE-2018-1261. Pivotal spring-integration-zip, versions prior to 1.0.2, exposes an arbitrary file write vulnerability, that can be achieved using a specially crafted zip archi...

CWE-222018

CVE-2018-8889

MEDIUM

CVSS:4.7(Medium)

A directory traversal vulnerability in the Connect Service of the BlackBerry Enterprise Mobility Server (BEMS) 2.8.17.29 and earlier could allow an attacker to retrieve arbitrary files in the context ...

CWE-222018

CVE-2021-20669

MEDIUM

CVSS:4.7(Medium)

Path traversal vulnerability in GROWI versions v4.2.2 and earlier allows an attacker with administrator rights to read and/or delete an arbitrary path via a specially crafted URL.

CWE-222021

CVE-2023-31448

MEDIUM

CVSS:4.7(Medium)

A path traversal vulnerability was identified in the HL7 sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the HL7 sensor into behaving di...

CWE-222023

CVE-2017-10273

Vulnerability Description

Related Vulnerabilities

CVE-2018-1000532

CVE-2018-1261

CVE-2018-1263

CVE-2018-8889

CVE-2021-20669

CVE-2023-31448