Vulnerability Description
Vulnerability in the Oracle Communications WebRTC Session Controller component of Oracle Communications Applications (subcomponent: Security (Gson)). Supported versions that are affected are 7.0, 7.1 and 7.2. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise Oracle Communications WebRTC Session Controller. While the vulnerability is in Oracle Communications WebRTC Session Controller, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Communications WebRTC Session Controller. CVSS 3.0 Base Score 6.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H).
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle | Communications Webrtc Session Controller | 7.0 |
References
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/101432Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039590Third Party AdvisoryVDB Entry
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/101432Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039590Third Party AdvisoryVDB Entry
FAQ
What is CVE-2017-10153?
CVE-2017-10153 is a vulnerability with a CVSS score of 6.3 (MEDIUM). Vulnerability in the Oracle Communications WebRTC Session Controller component of Oracle Communications Applications (subcomponent: Security (Gson)). Supported versions that are affected are 7.0, 7.1 ...
How severe is CVE-2017-10153?
CVE-2017-10153 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-10153?
Check the references section above for vendor advisories and patch information. Affected products include: Oracle Communications Webrtc Session Controller.