{"id":"CVE-2017-10388","details":"Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: Applies to the Java SE Kerberos client. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).","modified":"2026-04-16T06:16:18.041432386Z","published":"2017-10-19T17:29:05.403Z","related":["CGA-c3q9-q7jj-jw27","SUSE-SU-2017:2989-1","SUSE-SU-2017:3235-1","SUSE-SU-2017:3369-1","SUSE-SU-2017:3411-1","SUSE-SU-2017:3440-1","SUSE-SU-2017:3455-1","SUSE-SU-2018:0005-1","SUSE-SU-2018:0061-1","openSUSE-SU-2024:10876-1"],"references":[{"type":"WEB","url":"http://www.securityfocus.com/bid/101321"},{"type":"WEB","url":"http://www.securitytracker.com/id/1039596"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2998"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:3268"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:3453"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20171019-0001/"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:3392"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2999"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:3264"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:3267"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201710-31"},{"type":"ADVISORY","url":"https://www.debian.org/security/2017/dsa-4048"},{"type":"ADVISORY","url":"https://www.synology.com/support/security/Synology_SA_17_66_OpenJDK"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:3046"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:3047"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201711-14"},{"type":"ADVISORY","url":"https://www.debian.org/security/2017/dsa-4015"},{"type":"FIX","url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"1.6.0-update161"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.0-update151"}]},{"events":[{"introduced":"0"},{"last_affected":"1.8.0-update144"}]},{"events":[{"introduced":"0"},{"last_affected":"1.9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.0-update161"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.0-update151"}]},{"events":[{"introduced":"0"},{"last_affected":"1.8.0-update144"}]},{"events":[{"introduced":"0"},{"last_affected":"1.9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"5.8"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"7.5"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.7"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.7"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.7"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"7.3"}]},{"events":[{"introduced":"9.5"}]},{"events":[{"introduced":"11.0"},{"last_affected":"11.70.1"}]},{"events":[{"introduced":"0"},{"last_affected":"7.1"}]},{"events":[{"introduced":"0"},{"last_affected":"7.1"}]},{"events":[{"introduced":"7.2"}]},{"events":[{"introduced":"7.2"}]},{"events":[{"introduced":"7.2"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"7.2"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-10388.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}