Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2018-2972

Published: 18/07/2018 Updated: 03/10/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Subscribe to Jre

Vulnerability Summary

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). The supported version that is affected is Java SE: 10.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).

Vulnerable Product Search on Vulmon Subscribe to Product

oracle jre 10.0.1

oracle jdk 10.0.1

Vendor Advisories

Ubuntu Security Notice: openjdk-lts regression
USN-3747-1 introduced a regression in OpenJDK 10 ...
Ubuntu Security Notice: openjdk-lts vulnerabilities
Several security issues were fixed in OpenJDK 10 ...
Red Hat: CVE-2018-2972
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security) The supported version that is affected is Java SE: 1001 Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE Successful attacks of this vulnerability can result in unauthorized access ...

References

NVD-CWE-noinfohttp://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.htmlhttp://www.securityfocus.com/bid/104782https://security.netapp.com/advisory/ntap-20180726-0001/http://www.securitytracker.com/id/1041302https://usn.ubuntu.com/3747-1/https://usn.ubuntu.com/3747-2/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook