How severe is CVE-2017-10403?

This vulnerability has a severity rating of HIGH with a CVSS score of 8 out of 10.

What type of vulnerability is CVE-2017-10403?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2017-10403

HIGH Year: 2017

CVSS v3 Score

8.0

High

CVSS v2 Score

4.6

Medium

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: iQuery). Supported versions that are affected are 8.5.1 and 9.0.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hospitality Reporting and Analytics, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality Reporting and Analytics. CVSS 3.0 Base Score 8.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H).

CVE-2016-1991

HIGH

CVSS:8.0(High)

HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to conduct unspecified "file download"...

NVD-CWE-Other2016

CVE-2017-16674

HIGH

CVSS:8.0(High)

Datto Windows Agent allows unauthenticated remote command execution via a modified command in conjunction with CVE-2017-16673 exploitation, aka an attack with a malformed primary whitelisted command a...

NVD-CWE-Other2017

CVE-2018-2601

HIGH

CVSS:8.0(High)

Vulnerability in the Oracle Internet Directory component of Oracle Fusion Middleware (subcomponent: Oracle Directory Services Manager). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0 ...

NVD-CWE-Other2018

CVE-2018-3662

HIGH

CVSS:8.0(High)

Escalation of privilege in Intel Saffron MemoryBase before version 11.4 potentially allows an authorized user of the Saffron application to execute arbitrary code as root.

NVD-CWE-Other2018

CVE-2018-5234

HIGH

CVSS:8.0(High)

The Norton Core router prior to v237 may be susceptible to a command injection exploit. This is a type of attack in which the goal is execution of arbitrary commands on the host system via vulnerable ...

NVD-CWE-Other2018

CVE-2018-5240

HIGH

CVSS:8.0(High)

The Inventory Plugin for Symantec Management Agent prior to 7.6 POST HF7, 8.0 POST HF6, or 8.1 RU7 may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a us...

NVD-CWE-Other2018

CVE-2017-10403

Vulnerability Description

Related Vulnerabilities

CVE-2016-1991

CVE-2017-16674

CVE-2018-2601

CVE-2018-3662

CVE-2018-5234

CVE-2018-5240