CVE-2018-2964

🗓️ 18 Jul 2018 13:00:00Reported by oracleType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 191 Views

Vulnerability in Oracle Java SE allows unauthenticated attacker to compromise Java SE via multiple protocols. Successful attacks may result in takeover of Java SE. CVSS 3.0 Base Score 8.3

Reporter	Title	Published	Views	Family All 84
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM® Java™ SDK and IBM® Java™ Runtime affect IBM® Intelligent Operations Center products	21 Dec 201811:10	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Integration Bus, IBM App Connect Enterpise v11 and WebSphere Message Broker	23 Mar 202020:41	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise	22 Jan 201910:30	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Planning Analytics.	24 Feb 202007:27	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Privileged Identity Manager	2 Jul 201902:50	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM i	18 Dec 201914:26	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities have been fixed in IBM Security Privileged Identity Manager Appliance.	17 Sep 201915:34	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in the IBM SDK, Java Technology Edition affect IBM Performance Management products	2 Nov 201809:05	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security SiteProtector System	6 Dec 201803:35	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect CICS Transaction Gateway	26 Nov 201810:30	–	ibm

NVD

Vulners

Node

oracle jdkMatch1.8.0update172

oracle jdkMatch10.0.1

oracle jreMatch1.8.0update172

oracle jreMatch10.0.1

Node

netapp active_iq_unified_managerMatch-vmware_vsphere

netapp active_iq_unified_managerMatch-windows

netapp cloud_backupMatch-

netapp e-series_santricity_os_controllerRange11.0–11.70.1

netapp e-series_santricity_storage_managerMatch-

netapp oncommand_insightMatch-

netapp oncommand_unified_managerMatch-

netapp oncommand_workflow_automationMatch-

netapp plug-in_for_symantec_netbackupMatch-

netapp snapmanagerMatch--oracle

netapp snapmanagerMatch--sap

netapp steelstore_cloud_integrated_storageMatch-

netapp storage_replication_adapter_for_clustered_data_ontapRange9.7≥vmware_vsphere

netapp vasa_provider_for_clustered_data_ontapRange9.7≥

netapp vasa_provider_for_clustered_data_ontapMatch9.6

netapp virtual_storage_consoleRange9.7≥vmware_vsphere

[
  {
    "product": "Java",
    "vendor": "Oracle Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Java SE: 8u172"
      },
      {
        "status": "affected",
        "version": "10.0.1"
      }
    ]
  }
]

Source	Link
security	www.security.netapp.com/advisory/ntap-20180726-0001/
securitytracker	www.securitytracker.com/id/1041302
oracle	www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
access	www.access.redhat.com/errata/RHSA-2018:2256
securityfocus	www.securityfocus.com/bid/104780
access	www.access.redhat.com/errata/RHSA-2018:2253

21 Nov 2024 04:04Current

8.6High risk

Vulners AI Score8.6

CVSS 25.1

CVSS 3.18.3

EPSS0.00439

SSVC