CyberSec.Space Logo
CVEブラウザに戻る

CVE-2017-10267

HIGH
7.5
CVSS Severity Score
EPSS Score0.0410%
EPSS Percentile32.96th
Published2017年11月14日
Last Modified2026年5月13日

Vulnerability Description

Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 11.1.1, 12.1.1, 12.1.3 and 12.2.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via Jolt to compromise Oracle Tuxedo. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Tuxedo accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Affected Platforms (CPE)

📦
Oracle

Tuxedo

= 11.1.1
📦
Oracle

Tuxedo

= 12.1.1
📦
Oracle

Tuxedo

= 12.1.3
📦
Oracle

Tuxedo

= 12.2.2

References & Advisories

🔗 http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-10269-4021872.html
🔗 http://www.securityfocus.com/bid/101875
🔗 http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-10269-4021872.html
🔗 http://www.securityfocus.com/bid/101875

関連する脆弱性情報

CVE-2017-1026910.0

Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affecte...

CVE-2017-102729.9

Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affecte...

CVE-2016-06358.8

Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2,...

CVE-2018-30078.6

Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affecte...