4.2

CVE-2018-2800

Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u181, 7u171 and 8u162; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, JRockit accessible data as well as unauthorized read access to a subset of Java SE, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OracleJdk Version1.6.0 Updateupdate181
OracleJdk Version1.7.0 Updateupdate171
OracleJdk Version1.8.0 Updateupdate162
OracleJre Version1.6.0 Updateupdate181
OracleJre Version1.7.0 Updateupdate171
OracleJre Version1.8.0 Updateupdate162
OracleJrockit Versionr28.3.17
RedhatSatellite Version5.6
RedhatSatellite Version5.7
RedhatSatellite Version5.8
DebianDebian Linux Version8.0
DebianDebian Linux Version9.0
CanonicalUbuntu Linux Version14.04 SwEditionlts
CanonicalUbuntu Linux Version16.04 SwEditionlts
CanonicalUbuntu Linux Version17.10
HpXp7 Command View SwEditionadvanced
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.41% 0.917
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.2 1.6 2.5
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
nvd@nist.gov 4 4.9 4.9
AV:N/AC:H/Au:N/C:P/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
Patch
Vendor Advisory
http://www.securitytracker.com/id/1040697
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2018:1203
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:1205
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:1721
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:1722
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:1723
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:1724
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:1974
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:1975
Third Party Advisory
https://security.netapp.com/advisory/ntap-20180419-0001/
Third Party Advisory
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us
Third Party Advisory
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03915en_us
Third Party Advisory
https://usn.ubuntu.com/3644-1/
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:1188
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:1191
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:1201
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:1202
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:1204
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:1206
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:1270
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:1278
Third Party Advisory
https://security.gentoo.org/glsa/201903-14
Third Party Advisory
https://usn.ubuntu.com/3691-1/
Third Party Advisory
https://www.debian.org/security/2018/dsa-4185
Third Party Advisory
https://www.debian.org/security/2018/dsa-4225
Third Party Advisory
http://www.securityfocus.com/bid/103849
Third Party Advisory
VDB Entry