Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2018-2783
HistoryApr 18, 2018 - 12:00 a.m.

CVE-2018-2783

2018-04-1800:00:00
ubuntu.com
ubuntu.com
8

7.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.003 Low

EPSS

Percentile

68.4%

JSON

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle
Java SE (subcomponent: Security). Supported versions that are affected are
Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit:
R28.3.17. Difficult to exploit vulnerability allows unauthenticated
attacker with network access via multiple protocols to compromise Java SE,
Java SE Embedded, JRockit. Successful attacks of this vulnerability can
result in unauthorized creation, deletion or modification access to
critical data or all Java SE, Java SE Embedded, JRockit accessible data as
well as unauthorized access to critical data or complete access to all Java
SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and
server deployment of Java. This vulnerability can be exploited through
sandboxed Java Web Start applications and sandboxed Java applets. It can
also be exploited by supplying data to APIs in the specified Component
without using sandboxed Java Web Start applications or sandboxed Java
applets, such as through a web service. CVSS 3.0 Base Score 7.4
(Confidentiality and Integrity impacts). CVSS Vector:
(CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).

Notes

Author Note
sbeattie fixed upstream in 6u191, 7u171, and 8u161
OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarchopenjdk-7< 7u171-2.6.13-0ubuntu0.14.04.2UNKNOWN
ubuntu17.10noarchopenjdk-8< 8u171-b11-0ubuntu0.17.10.1UNKNOWN
ubuntu18.04noarchopenjdk-8< 8u171-b11-0ubuntu0.18.04.1UNKNOWN
ubuntu16.04noarchopenjdk-8< 8u171-b11-0ubuntu0.16.04.1UNKNOWN

Related

ibm 143
prion 1
redhatcve 1
nessus 25
openvas 10
debiancve 1
f5 1
cve 1
veracode 1
aix 1
redhat 10
ubuntu 1
photon 2
kaspersky 1
ibm
ibm
Security Bulletin: A Vulnerability in IBM Java SDK (April 2018) affecting IBM Application Delivery Intelligence V5.0.5 and V5.0.4 (CVE-2018-2783)
2018-11-20 23:15:01
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Developer for i and Rational Developer for AIX and Linux
2018-09-06 19:32:19
Security Bulletin: Vulnerability in IBM Java SDK affects IBM Process Designer used in IBM Business Automation Workflow, IBM Business Process Manager, and WebSphere Lombardi Edition (CVE-2018-2783)
2018-06-22 01:30:08
prion
prion
Design/Logic Flaw
2018-04-19 02:29:00
redhatcve
redhatcve
CVE-2018-2783
2019-10-10 04:11:28
nessus
nessus
F5 Networks BIG-IP : Oracle Java SE vulnerability (K44923228)
2018-11-02 00:00:00
RHEL 7 : java-1.8.0-ibm (RHSA-2018:1721)
2018-05-25 00:00:00
RHEL 6 : java-1.8.0-ibm (RHSA-2018:1975)
2018-06-29 00:00:00
openvas
openvas
Oracle Java SE Security Updates (apr2018-3678067) 01 - Linux
2018-04-19 00:00:00
Oracle Java SE Security Updates (apr2018-3678067) 01 - Windows
2018-04-18 00:00:00
Ubuntu: Security Advisory (USN-3644-1)
2018-05-12 00:00:00
debiancve
debiancve
CVE-2018-2783
2018-04-19 02:29:00
f5
f5
K44923228 : Oracle Java SE vulnerability CVE-2018-2783
2018-05-10 00:00:00
cve
cve
CVE-2018-2783
2018-04-19 02:29:00
veracode
veracode
Authorization Bypass
2019-01-15 09:23:40
aix
aix
Multiple vulnerabilities in IBM Java SDK affect AIX
2018-06-12 14:49:00
redhat
redhat
(RHSA-2018:1974) Moderate: java-1.7.1-ibm security update
2018-06-25 14:45:00
(RHSA-2018:1205) Important: java-1.6.0-sun security update
2018-04-23 16:39:05
(RHSA-2018:1723) Important: java-1.7.1-ibm security update
2018-05-24 18:29:41
ubuntu
ubuntu
OpenJDK 8 vulnerabilities
2018-05-11 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0130
2018-04-30 00:00:00
Important Photon OS Security Update - PHSA-2018-0130
2018-04-30 00:00:00
kaspersky
kaspersky
KLA11234 Multiple vulnerabilities in Oracle Java SE, Java SE Embedded and JRockit
2018-04-17 00:00:00

7.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.003 Low

EPSS

Percentile

68.4%

JSON
Related for UB:CVE-2018-2783
ibm143prion1redhatcve1nessus25openvas10debiancve1f51cve1veracode1aix1redhat10ubuntu1photon2kaspersky1