How severe is CVE-2017-10295?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4 out of 10.

What type of vulnerability is CVE-2017-10295?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2017-10295

MEDIUM Year: 2017

CVSS v3 Score

4.0

Medium

CVSS v2 Score

4.3

Medium

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.0 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N).

CVE-2014-3477

MEDIUM

CVSS:4.0(Medium)

The dbus-daemon in D-Bus 1.2.x through 1.4.x, 1.6.x before 1.6.20, and 1.8.x before 1.8.4, sends an AccessDenied error to the service instead of a client when the client is prohibited from accessing t...

NVD-CWE-Other2014

CVE-2015-7403

MEDIUM

CVSS:4.0(Medium)

IBM Spectrum Scale 4.1.1.x before 4.1.1.3 and General Parallel File System (GPFS) 3.5.x before 3.5.0.29 and 4.1.x through 4.1.0.8 on AIX allow local users to cause a denial of service (incorrect point...

NVD-CWE-Other2015

CVE-2017-10033

MEDIUM

CVSS:4.0(Medium)

Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Support Tools). Supported versions that are affected are 11.1.1.8.0 and 12.2.1.2.0. Difficult to exploi...

NVD-CWE-Other2017

CVE-2017-10213

MEDIUM

CVSS:4.0(Medium)

Vulnerability in the Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: WebConnect). The supported version that is affected is 8.10.x. Easily exploitable vulnerability allo...

NVD-CWE-Other2017

CVE-2017-10220

MEDIUM

CVSS:4.0(Medium)

Vulnerability in the Hospitality Property Interfaces component of Oracle Hospitality Applications (subcomponent: Parser). The supported version that is affected is 8.10.x. Easily exploitable vulnerabi...

NVD-CWE-Other2017

CVE-2017-18709

MEDIUM

CVSS:4.0(Medium)

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R8300 before 1.0.2.94 and R8500 before 1.0.2.94.

NVD-CWE-Other2017

CVE-2017-10295

Vulnerability Description

Related Vulnerabilities

CVE-2014-3477

CVE-2015-7403

CVE-2017-10033

CVE-2017-10213

CVE-2017-10220

CVE-2017-18709