VYPR
Get started
← All advisories
High severity7.1NVD Advisory· Published Aug 8, 2017· Updated May 13, 2026

CVE-2017-10125

CVE-2017-10125

Description

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 7u141 and 8u131. Difficult to exploit vulnerability allows physical access to compromise Java SE. While the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: Applies to deployment of Java where the Java Auto Update is enabled. CVSS 3.0 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).

Affected products

28
  • NetApp/Active Iq Unified Manager2 versions
    cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*+ 1 more
    • cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*range: >=9.5
    • cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*range: >=7.3
  • NetApp/Cloud Backup
    cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
  • NetApp/Element Software
    cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*
  • NetApp/E Series Santricity Os Controller
    cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*
    Range: >=11.0,<=11.70.1
  • NetApp/E Series Santricity Storage Manager
    cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*
  • NetApp/Oncommand Balance
    cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*
  • NetApp/Oncommand Insight
    cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
  • NetApp/Oncommand Performance Manager
    cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*
  • NetApp/Oncommand Shift
    cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*
  • NetApp/Oncommand Unified Manager3 versions
    cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*+ 2 more
    • cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*
    • cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*range: <=7.1
    • cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*range: <=7.1
  • NetApp/Plug In For Symantec Netbackup
    cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*
  • NetApp/Snapmanager2 versions
    cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*+ 1 more
    • cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*
    • cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*
  • NetApp/Steelstore Cloud Integrated Storage
    cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
  • NetApp/Storage Replication Adapter For Clustered Data Ontap2 versions
    cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.6:*:*:*:*:vmware_vsphere:*:*+ 1 more
    • cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.6:*:*:*:*:vmware_vsphere:*:*
    • cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*range: >=7.2
  • NetApp/Vasa Provider For Clustered Data Ontap2 versions
    cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*range: >=7.2
    • cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*
  • NetApp/Virtual Storage Console2 versions
    cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*+ 1 more
    • cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*
    • cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*range: >=7.2
  • Oracle Corporation/Jdk2 versions
    cpe:2.3:a:oracle:jdk:1.7.0:update141:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:oracle:jdk:1.7.0:update141:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jdk:1.8.0:update131:*:*:*:*:*:*
  • Oracle Corporation/Jre2 versions
    cpe:2.3:a:oracle:jre:1.7.0:update141:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:oracle:jre:1.7.0:update141:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jre:1.8.0:update131:*:*:*:*:*:*
  • Oracle Corporation/Javav5
    Range: Java SE: 7u141

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

News mentions

0

No linked articles in our index yet.