CVE-2017-10356

🗓️ 19 Oct 2017 17:00:00Reported by oracleType

Vulnerability in Oracle Java SE allows unauthenticated attacker to compromise system, potentially resulting in unauthorized access to critical data. Easily exploitable through Java Web Start applications or applets

Reporter	Title	Published	Views	Family All 276
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect (formerly Tivoli Storage Manager) for Virtual Environments	24 Sep 201809:05	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Content Collector for SAP Applications	17 Jun 201812:19	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Directory Server	11 Jan 201916:25	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM InfoSphere Information Server	16 Jun 201814:19	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection	16 Jun 201822:04	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Algo One - Algo Risk Application (ARA)	15 Jun 201823:53	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities identified in IBM® Java SDK affect WebSphere Service Registry and Repository and WebSphere Service Registry and Repository Studio.	15 Jun 201807:08	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Rational ClearQuest (CVE-2017-10356, CVE-2017-10345)	4 Feb 202016:40	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9 and IBM BigFix Inventory v9	19 Aug 202223:53	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Guardium	16 Jun 201822:03	–	ibm

NVD

Vulners

Node

oracle jdkMatch1.6.0update161

oracle jdkMatch1.7.0update151

oracle jdkMatch1.8.0update144

oracle jdkMatch1.9.0

oracle jreMatch1.6.0update161

oracle jreMatch1.7.0update151

oracle jreMatch1.8.0update144

oracle jreMatch1.9.0

Node

redhat satelliteMatch5.8

redhat enterprise_linux_desktopMatch6.0

redhat enterprise_linux_desktopMatch7.0

redhat enterprise_linux_eusMatch7.4

redhat enterprise_linux_eusMatch7.5

redhat enterprise_linux_eusMatch7.6

redhat enterprise_linux_eusMatch7.7

redhat enterprise_linux_serverMatch6.0

redhat enterprise_linux_serverMatch7.0

redhat enterprise_linux_server_ausMatch7.4

redhat enterprise_linux_server_ausMatch7.6

redhat enterprise_linux_server_ausMatch7.7

redhat enterprise_linux_server_tusMatch7.4

redhat enterprise_linux_server_tusMatch7.6

redhat enterprise_linux_server_tusMatch7.7

redhat enterprise_linux_workstationMatch6.0

redhat enterprise_linux_workstationMatch7.0

Node

netapp active_iq_unified_managerRange7.3≥windows

netapp active_iq_unified_managerRange9.5≥vmware_vsphere

netapp cloud_backupMatch-

netapp e-series_santricity_management_plug-insMatch-vmware_vcenter

netapp e-series_santricity_os_controllerRange11.0–11.70.1

netapp e-series_santricity_storage_managerMatch-

netapp e-series_santricity_web_servicesMatch-web_services_proxy

netapp element_softwareMatch-

netapp oncommand_balanceMatch-

netapp oncommand_insightMatch-

netapp oncommand_performance_managerMatch-vmware_vsphere

netapp oncommand_shiftMatch-

netapp oncommand_unified_managerRange≤7.1vsphere

netapp oncommand_unified_managerRange≤7.1windows

netapp oncommand_unified_managerMatch-7-mode

netapp oncommand_workflow_automationMatch-

netapp plug-in_for_symantec_netbackupMatch-

netapp snapmanagerMatch-oracle

netapp snapmanagerMatch-sap

netapp steelstore_cloud_integrated_storageMatch-

netapp storage_replication_adapter_for_clustered_data_ontapRange7.2≥vmware_vsphere

netapp storage_replication_adapter_for_clustered_data_ontapRange7.2≥windows

netapp vasa_provider_for_clustered_data_ontapRange7.2≥

netapp vasa_provider_for_clustered_data_ontapMatch6.0

netapp virtual_storage_consoleRange7.2≥vmware_vsphere

netapp virtual_storage_consoleMatch6.0vmware_vsphere

Node

debian debian_linuxMatch7.0

debian debian_linuxMatch8.0

debian debian_linuxMatch9.0

[
  {
    "product": "Java",
    "vendor": "Oracle Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Java SE: 6u161"
      },
      {
        "status": "affected",
        "version": "7u151"
      },
      {
        "status": "affected",
        "version": "8u144"
      },
      {
        "status": "affected",
        "version": "9; Java SE Embedded: 8u144; JRockit: R28.3.15"
      }
    ]
  }
]

Source	Link
access	www.access.redhat.com/errata/RHSA-2017:3047
debian	www.debian.org/security/2017/dsa-4015
security	www.security.netapp.com/advisory/ntap-20171019-0001/
access	www.access.redhat.com/errata/RHSA-2017:2999
securityfocus	www.securityfocus.com/bid/101413
access	www.access.redhat.com/errata/RHSA-2017:3268
access	www.access.redhat.com/errata/RHSA-2017:3264
lists	www.lists.debian.org/debian-lts-announce/2017/11/msg00033.html
security	www.security.gentoo.org/glsa/201710-31
oracle	www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

13 May 2026 00:24Current

6.5Medium risk

Vulners AI Score6.5

CVSS 22.1

CVSS 3.16.2

EPSS0.00701

SSVC