9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
7.9 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.025 Low
EPSS
Percentile
90.0%
04/16/2019
Critical
Multiple vulnerabilities were found in Oracle Java SE. Malicious users can exploit these vulnerabilities to bypass security restrictions.
Java SE: 7u211, 8u202, 11.0.2, 12
Java SE Embedded: 8u201
Update to the latest version
Oracle Critical Patch Update Advisory – April 2019
SB
CVE-2019-26986.8High
CVE-2019-26844.3Warning
CVE-2019-26996.8High
CVE-2019-26025.0Warning
CVE-2019-26976.8High
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2602
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2684
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2697
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2698
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2699
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Oracle-Java-JRE-1.10.x/
threats.kaspersky.com/en/product/Oracle-Java-JRE-1.8.x/
threats.kaspersky.com/en/product/Oracle-Java-JRE-1.9.x/
www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixJAVA
9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
7.9 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.025 Low
EPSS
Percentile
90.0%