The host is installed with Oracle Java SE 7 update 40 and earlier and is prone to unspecified vulnerability. The flaw is present in the application, which fails to handle vectors related to JGSS. Successful exploitation allows remote attackers to affect confidentiality.