8.3 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
8.4 High
AI Score
Confidence
Low
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.004 Low
EPSS
Percentile
72.7%
04/17/2018
Critical
Multiple serious vulnerabilities have been found in Oracle products. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, obtain sensitive information, cause denial of service and perform unspecified attacks.
Java SE 6u181 and earlier
Java SE 7u171 and earlier
Java SE 8u171 and earlier
Java SE 10.0.1 and earlier
Java SE Embedded 8u161 and earlier
JRockit R28.3.17 and earlier
Update to the latest version
Oracle software downloads
Oracle Critical Patch Update Advisory – April 2018
ACE
CVE-2018-28113.7Warning
CVE-2018-28145.1High
CVE-2018-28155.0Warning
CVE-2018-27835.8High
CVE-2018-28265.1High
CVE-2018-27902.6Warning
CVE-2018-28255.1High
CVE-2018-27943.7Warning
CVE-2018-27955.0Warning
CVE-2018-27965.0Warning
CVE-2018-27975.0Warning
CVE-2018-27985.0Warning
CVE-2018-27995.0Warning
CVE-2018-28004.0Warning
www.oracle.com/technetwork/indexes/downloads/index.html
www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixJAVA
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2783
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2790
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2794
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2795
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2796
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2797
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2798
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2799
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2800
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2811
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2814
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2815
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2825
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2826
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Oracle-Java-JRE-1.10.x/
threats.kaspersky.com/en/product/Oracle-Java-JRE-1.7.x/
threats.kaspersky.com/en/product/Oracle-Java-JRE-1.8.x/
threats.kaspersky.com/en/product/Oracle-JRockit/
8.3 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
8.4 High
AI Score
Confidence
Low
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.004 Low
EPSS
Percentile
72.7%