How severe is CVE-2017-3242?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.9 out of 10.

What type of vulnerability is CVE-2017-3242?

This is classified as CWE-20, which is a common weakness in software security.

CVE-2017-3242 - MEDIUM Severity | CVSS 5.9

Vulnerability Description

Vulnerability in the Oracle VM Server for Sparc component of Oracle Sun Systems Products Suite (subcomponent: LDOM Manager). Supported versions that are affected are 3.2 and 3.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM Server for Sparc executes to compromise Oracle VM Server for Sparc. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM Server for Sparc, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM Server for Sparc. CVSS v3.0 Base Score 5.9 (Availability impacts).

Related Vulnerabilities

CVE-2011-0704

MEDIUM

CVSS:5.9(Medium)

389 Directory Server 1.2.7.5, when built with mozldap, allows remote attackers to cause a denial of service (replica crash) by sending an empty modify request.

CWE-202011

CVE-2014-2032

MEDIUM

CVSS:5.9(Medium)

Deadwood before 2.3.09, 3.x before 3.2.05, and as used in MaraDNS before 1.4.14 and 2.x before 2.0.09, allow remote attackers to cause a denial of service (out-of-bounds read and crash) by leveraging ...

CWE-202014

CVE-2014-9754

MEDIUM

CVSS:5.9(Medium)

The hardware VPN client in Viprinet MultichannelVPN Router 300 version 2013070830/2013080900 does not validate the remote VPN endpoint identity (through the checking of the endpoint's SSL key) before ...

CWE-202014

CVE-2015-1855

MEDIUM

CVSS:5.9(Medium)

verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers...

CWE-202015

CVE-2015-7852

MEDIUM

CVSS:5.9(Medium)

ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.

CWE-202015

CVE-2015-8099

MEDIUM

CVSS:5.9(Medium)

F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11...

CWE-202015