CVE-2017-3233
First published: Mon Apr 24 2017(Updated: )
Vulnerability in the Automatic Service Request (ASR) component of Oracle Support Tools (subcomponent: ASR Manager). The supported version that is affected is Prior to 5.7. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Automatic Service Request (ASR). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Automatic Service Request (ASR) accessible data. CVSS 3.0 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).
Credit: secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle Automatic Service Request | <=5.5.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-3233?
CVE-2017-3233 is classified as a high-severity vulnerability that can be easily exploited.
How do I fix CVE-2017-3233?
To fix CVE-2017-3233, upgrade to Oracle Automatic Service Request version 5.7 or later.
Who is affected by CVE-2017-3233?
CVE-2017-3233 affects users of Oracle Automatic Service Request versions prior to 5.7.
What type of attack can exploit CVE-2017-3233?
CVE-2017-3233 can be exploited by an unauthenticated attacker with network access via HTTP.
What component of Oracle is vulnerable in CVE-2017-3233?
CVE-2017-3233 affects the Automatic Service Request (ASR) component of Oracle Support Tools.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- agent/remedy
- agent/author
- agent/tags
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- vendor/oracle
- canonical/oracle automatic service request
- version/oracle automatic service request/5.5.1