Java Advanced Management Console Server Vulnerability: Unauthorized Data Access

Java Advanced Management Console Server Vulnerability: Unauthorized Data Access

CVE-2017-10117 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). The supported version that is affected is Java Advanced Management Console: 2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java Advanced Management Console. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java Advanced Management Console accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Learn more about our Cis Benchmark Audit For Server Software.