Medium severity4.8NVD Advisory· Published Oct 19, 2017· Updated May 13, 2026

CVE-2017-10161

Description

Vulnerability in the Oracle Engineering Data Management component of Oracle Supply Chain Products Suite (subcomponent: Web Services Security). Supported versions that are affected are 6.1.3.0 and 6.2.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Engineering Data Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Engineering Data Management accessible data as well as unauthorized read access to a subset of Oracle Engineering Data Management accessible data. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).

Affected products

Oracle Corporation/Agile Engineering Data Management2 versions
cpe:2.3:a:oracle:agile_engineering_data_management:6.1.3.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:oracle:agile_engineering_data_management:6.1.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:agile_engineering_data_management:6.2.2.0:*:*:*:*:*:*:*
Oracle Corporation/Agile Engineering Data Managementv5
Range: 6.1.3.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlnvdPatchVendor Advisory
www.securityfocus.com/bid/101395nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.312
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000