5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
Java SE, Java SE Embedded are vulnerable to unauthenticated access. The Networking component of OpenJDK fails to properly parse user info from the URL. A remote attacker could cause the Java application to incorrectly parse an attacker supplied URL and interpret it differently from other applications processing the same URL which may leads data to unauthorized update, insert or delete.
rhn.redhat.com/errata/RHSA-2017-0175.html
rhn.redhat.com/errata/RHSA-2017-0176.html
rhn.redhat.com/errata/RHSA-2017-0177.html
rhn.redhat.com/errata/RHSA-2017-0180.html
rhn.redhat.com/errata/RHSA-2017-0263.html
rhn.redhat.com/errata/RHSA-2017-0269.html
rhn.redhat.com/errata/RHSA-2017-0336.html
rhn.redhat.com/errata/RHSA-2017-0337.html
rhn.redhat.com/errata/RHSA-2017-0338.html
www.debian.org/security/2017/dsa-3782
www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html
www.securityfocus.com/bid/95512
www.securitytracker.com/id/1037637
www.securitytracker.com/id/1037798
access.redhat.com/errata/RHSA-2017:0180
access.redhat.com/errata/RHSA-2017:1216
access.redhat.com/security/updates/classification/#critical
bugzilla.redhat.com/show_bug.cgi?id=1369383
security.gentoo.org/glsa/201701-65
security.gentoo.org/glsa/201707-01
security.netapp.com/advisory/ntap-20170119-0001/
source.android.com/security/bulletin/2017-02-01.html
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N