VYPR
Get started
← All advisories
Critical severity9.6NVD Advisory· Published Aug 8, 2017· Updated May 13, 2026

CVE-2017-10111

CVE-2017-10111

Description

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).

Affected products

45
  • NetApp/Active Iq Unified Manager2 versions
    cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*+ 1 more
    • cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*range: >=9.5
    • cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*range: >=7.3
  • NetApp/Cloud Backup
    cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
  • NetApp/Element Software
    cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*
  • NetApp/E Series Santricity Os Controller
    cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*
    Range: >=11.0,<=11.70.1
  • NetApp/E Series Santricity Storage Manager
    cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*
  • NetApp/Oncommand Balance
    cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*
  • NetApp/Oncommand Insight
    cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
  • NetApp/Oncommand Performance Manager
    cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*
  • NetApp/Oncommand Shift
    cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*
  • NetApp/Oncommand Unified Manager3 versions
    cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*+ 2 more
    • cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*
    • cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*range: <=7.1
    • cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*range: <=7.1
  • NetApp/Plug In For Symantec Netbackup
    cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*
  • NetApp/Snapmanager2 versions
    cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*+ 1 more
    • cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*
    • cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*
  • NetApp/Steelstore Cloud Integrated Storage
    cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
  • NetApp/Storage Replication Adapter For Clustered Data Ontap2 versions
    cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.6:*:*:*:*:vmware_vsphere:*:*+ 1 more
    • cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.6:*:*:*:*:vmware_vsphere:*:*
    • cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*range: >=7.2
  • NetApp/Vasa Provider For Clustered Data Ontap2 versions
    cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*range: >=7.2
    • cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*
  • NetApp/Virtual Storage Console2 versions
    cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*+ 1 more
    • cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*
    • cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*range: >=7.2
  • Oracle Corporation/Jdk
    cpe:2.3:a:oracle:jdk:1.8.0:update131:*:*:*:*:*:*
  • Oracle Corporation/Jre
    cpe:2.3:a:oracle:jre:1.8.0:update131:*:*:*:*:*:*
  • Debian/Debian Linux
    cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • Red Hat/Enterprise Linux Desktop2 versions
    cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
  • Red Hat/Enterprise Linux Eus5 versions
    cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
  • Red Hat/Enterprise Linux Server2 versions
    cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
  • Red Hat/Enterprise Linux Server Aus4 versions
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
  • Red Hat/Enterprise Linux Server Tus3 versions
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
  • Red Hat/Enterprise Linux Workstation2 versions
    cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
  • Oracle Corporation/Javav5
    Range: Java SE: 8u131; Java SE Embedded: 8u131

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

8

News mentions

0

No linked articles in our index yet.