Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2019-2426
HistoryJan 16, 2019 - 12:00 a.m.

CVE-2019-2426

2019-01-1600:00:00
ubuntu.com
ubuntu.com
5

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.01 Low

EPSS

Percentile

83.1%

JSON

Vulnerability in the Java SE component of Oracle Java SE (subcomponent:
Networking). Supported versions that are affected are Java SE: 7u201, 8u192
and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability
allows unauthenticated attacker with network access via multiple protocols
to compromise Java SE. Successful attacks of this vulnerability can result
in unauthorized read access to a subset of Java SE accessible data. Note:
This vulnerability applies to Java deployments, typically in clients
running sandboxed Java Web Start applications or sandboxed Java applets (in
Java SE 8), that load and run untrusted code (e.g., code that comes from
the internet) and rely on the Java sandbox for security. This vulnerability
can also be exploited by using APIs in the specified Component, e.g.,
through a web service which supplies data to the APIs. CVSS 3.0 Base Score
3.7 (Confidentiality impacts). CVSS Vector:
(CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).

Notes

Author Note
sbeattie only affects Java clients on Windows.

Related

prion 1
debiancve 1
alpinelinux 1
redhatcve 1
ibm 110
f5 1
cve 1
nessus 14
openvas 9
suse 3
kaspersky 1
mageia 1
aix 1
gentoo 1
photon 8
oracle 1
prion
prion
Design/Logic Flaw
2019-01-16 19:30:00
debiancve
debiancve
CVE-2019-2426
2019-01-16 19:30:00
alpinelinux
alpinelinux
CVE-2019-2426
2019-01-16 19:30:00
redhatcve
redhatcve
CVE-2019-2426
2019-01-15 22:21:21
ibm
ibm
Security Bulletin: Vulnerability in IBM Java SDK affects IMS™ Enterprise Suite: Explorer for Development (CVE-2019-2426)
2022-06-01 13:05:44
Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM Integration Designer
2019-04-09 22:20:01
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Operations Analytics Predictive Insights January 2019 CPU
2019-03-16 05:15:01
f5
f5
K04154823 : Oracle Java SE vulnerability CVE-2019-2426
2019-02-08 00:00:00
cve
cve
CVE-2019-2426
2019-01-16 19:30:00
nessus
nessus
openSUSE Security Update : java-11-openjdk (openSUSE-2019-161)
2019-02-13 00:00:00
SUSE SLED15 / SLES15 Security Update : java-11-openjdk (SUSE-SU-2019:0221-1)
2019-02-04 00:00:00
Oracle Java SE 1.7.x < 1.7.0_211 / 1.8.x < 1.8.0_201 / 1.11.x < 1.11.0_2 Multiple Vulnerabilities (January 2019 CPU)
2019-01-17 00:00:00
openvas
openvas
openSUSE: Security Advisory for java-11-openjdk (openSUSE-SU-2019:0161-1)
2019-02-13 00:00:00
Oracle Java SE Multiple Vulnerabilities (cpujan2019) - Linux
2019-01-16 00:00:00
Oracle Java SE Multiple Vulnerabilities (cpujan2019) - Windows
2019-01-16 00:00:00
suse
suse
Security update for java-11-openjdk (important)
2019-02-12 00:00:00
Security update for java-1_7_0-openjdk (moderate)
2019-06-03 00:00:00
Security update for java-1_8_0-openjdk (important)
2019-05-23 00:00:00
kaspersky
kaspersky
KLA11403 Multiple vulnerabilities in Oracle Java SE
2019-01-15 00:00:00
mageia
mageia
Updated java-1.8.0-openjdk packages fix security vulnerability
2019-02-13 14:08:25
aix
aix
Multiple vulnerabilities in IBM Java SDK affect AIX
2019-04-16 10:52:12
gentoo
gentoo
Oracle JDK/JRE: Multiple vulnerabilities
2019-03-14 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2019-0205
2019-02-04 00:00:00
Critical Photon OS Security Update - PHSA-2019-0002
2019-02-26 00:00:00
Critical Photon OS Security Update - PHSA-2019-0159
2019-05-10 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2019
2019-01-15 00:00:00

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.01 Low

EPSS

Percentile

83.1%

JSON
Related for UB:CVE-2019-2426
prion1debiancve1alpinelinux1redhatcve1ibm110f51cve1nessus14openvas9suse3kaspersky1mageia1aix1gentoo1photon8oracle1