7.5
CVE-2018-1517
- EPSS 0.59%
- Published 20.08.2018 21:29:01
- Last modified 21.11.2024 03:59:57
- Source psirt@us.ibm.com
- Teams watchlist Login
- Open Login
A flaw in the java.math component in IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0 may allow an attacker to inflict a denial-of-service attack with specially crafted String data. IBM X-Force ID: 141681.
Data is provided by the National Vulnerability Database (NVD)
Ibm ≫ Software Development Kit Version6 Updateservice_refresh_16 SwEditionjava_technology
Ibm ≫ Software Development Kit Version6.0 SwEditionjava_technology
Ibm ≫ Software Development Kit Version6r1 Updateservice_refresh_8 SwEditionjava_technology
Ibm ≫ Software Development Kit Version7 Updateservice_refresh_10 SwEditionjava_technology
Ibm ≫ Software Development Kit Version7.0 SwEditionjava_technology
Ibm ≫ Software Development Kit Version7r1 Updateservice_refresh_4 SwEditionjava_technology
Ibm ≫ Software Development Kit Version8 Updateservice_refresh_5 SwEditionjava_technology
Ibm ≫ Software Development Kit Version8.0 SwEditionjava_technology
Redhat ≫ Enterprise Linux Desktop Version6.0
Redhat ≫ Enterprise Linux Desktop Version7.0
Redhat ≫ Enterprise Linux Server Version6.0
Redhat ≫ Enterprise Linux Server Version7.0
Redhat ≫ Enterprise Linux Workstation Version6.0
Redhat ≫ Enterprise Linux Workstation Version7.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.59% | 0.682 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
| psirt@us.ibm.com | 5.9 | 2.2 | 3.6 |
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.