CVE-2017-10369

Name of the Vulnerable Software and Affected Versions Oracle Virtual Directory versions 11.1.1.7.0 and 11.1.1.9.0

Description The issue allows a low-privileged attacker with network access via HTTP to compromise Oracle Virtual Directory, potentially resulting in a takeover. The attack is considered difficult to exploit.

Recommendations For version 11.1.1.7.0, update to a version that includes the fix for this issue. For version 11.1.1.9.0, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the Oracle Virtual Directory Server to minimize the risk of exploitation.