7.5
CVE-2018-2627
- EPSS 0.51%
- Veröffentlicht 18.01.2018 02:29:20
- Zuletzt bearbeitet 06.05.2025 15:15:55
- Quelle secalert_us@oracle.com
- Teams Watchlist Login
- Unerledigt Login
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Java SE executes to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to the Windows installer only. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Netapp ≫ Active Iq Unified Manager SwPlatformwindows Version >= 7.3
Netapp ≫ Active Iq Unified Manager SwPlatformvmware_vsphere Version >= 9.5
Netapp ≫ Cloud Backup Version-
Netapp ≫ E-series Santricity Management Plug-ins Version-
Netapp ≫ E-series Santricity Os Controller Version >= 11.0 <= 11.70.1
Netapp ≫ E-series Santricity Storage Manager Version-
Netapp ≫ E-series Santricity Web Services Version- SwPlatformweb_services_proxy
Netapp ≫ Oncommand Insight Version-
Netapp ≫ Oncommand Shift Version-
Netapp ≫ Oncommand Unified Manager Version- SwPlatform7-mode
Netapp ≫ Oncommand Workflow Automation Version-
Netapp ≫ Plug-in For Symantec Netbackup Version-
Netapp ≫ Santricity Cloud Connector Version-
Netapp ≫ Snapmanager Version- SwPlatformoracle
Netapp ≫ Snapmanager Version- SwPlatformsap
Netapp ≫ Storage Replication Adapter For Clustered Data Ontap SwPlatformvmware_vsphere Version >= 7.2
Netapp ≫ Storage Replication Adapter For Clustered Data Ontap SwPlatformwindows Version >= 7.2
Netapp ≫ Storagegrid Version <= 9.0.4
Netapp ≫ Vasa Provider For Clustered Data Ontap Version >= 7.2
Netapp ≫ Vasa Provider For Clustered Data Ontap Version6.0
Netapp ≫ Virtual Storage Console SwPlatformvmware_vsphere Version >= 7.2
Netapp ≫ Virtual Storage Console Version6.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.51% | 0.655 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 0.8 | 6 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
|
| nvd@nist.gov | 3.7 | 1.9 | 6.4 |
AV:L/AC:H/Au:N/C:P/I:P/A:P
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | 0.8 | 6 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
|