How severe is CVE-2017-10317?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4 out of 10.

What type of vulnerability is CVE-2017-10317?

This is classified as CWE-200, which is a common weakness in software security.

CVE-2017-10317

MEDIUM Year: 2017

CVSS v3 Score

4.0

Medium

CVSS v2 Score

2.1

Low

Weakness Type

CWE-200

View all →

Vulnerability Description

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: WebConnect). Supported versions that are affected are 8.10.1 and 8.10.2. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Hospitality Suite8 executes to compromise Oracle Hospitality Suite8. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Hospitality Suite8 accessible data. CVSS 3.0 Base Score 4.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

CVE-2015-2012

MEDIUM

CVSS:4.0(Medium)

The MQXR service in WMQ Telemetry in IBM WebSphere MQ 7.1 before 7.1.0.7, 7.5 through 7.5.0.5, and 8.0 before 8.0.0.4 uses world-readable permissions for a cleartext file containing the SSL keystore p...

CWE-2002015

CVE-2015-4990

MEDIUM

CVSS:4.0(Medium)

The portal in IBM Tealeaf Customer Experience before 8.7.1.8818, 8.8 before 8.8.0.9026, 9.0.0, 9.0.0A, 9.0.1 before 9.0.1.1083, 9.0.1A before 9.0.1.5073, 9.0.2 before 9.0.2.1095, and 9.0.2A before 9.0...

CWE-2002015

CVE-2015-4991

MEDIUM

CVSS:4.0(Medium)

IBM SPSS Modeler 14.2 through FP3 IF027, 15 through FP3 IF015, 16 through FP2 IF012, 17 through FP1 IF018, and 17.1 through IF008 includes unspecified cleartext data in memory dumps, which allows loca...

CWE-2002015

CVE-2015-8303

MEDIUM

CVSS:4.0(Medium)

Huawei Document Security Management (DSM) with software before V100R002C05SPC661 does not clear the clipboard when closing a secure file, which allows local users to obtain sensitive information by pa...

CWE-2002015

CVE-2015-8374

MEDIUM

CVSS:4.0(Medium)

fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action.

CWE-2002015

CVE-2015-8575

MEDIUM

CVSS:4.0(Medium)

The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and by...

CWE-2002015

CVE-2017-10317

Vulnerability Description

Related Vulnerabilities

CVE-2015-2012

CVE-2015-4990

CVE-2015-4991

CVE-2015-8303

CVE-2015-8374

CVE-2015-8575