Java SE are vulnerable to improper access control. A remote, unauthenticated attacker could submit malicious input leading to the exploitation of the flawed Deployment
component to gain elevated privileges. Successful attacks require human interaction from a person other than the attacker resulting in takeover of Java SE.
CPE | Name | Operator | Version |
---|---|---|---|
java-1.8.0-ibm | eq | 1.8.0.4.1__1jpp.1.el6_8 | |
java-1.8.0-ibm | eq | 1.8.0.4.1__1jpp.1.el6_8 |
www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
www.securityfocus.com/bid/102546
www.securitytracker.com/id/1040203
access.redhat.com/errata/RHSA-2018:0099
access.redhat.com/errata/RHSA-2018:0351
access.redhat.com/errata/RHSA-2018:0352
access.redhat.com/errata/RHSA-2018:1463
access.redhat.com/security/cve/CVE-2018-1417
access.redhat.com/security/updates/classification/#critical
developer.ibm.com/javasdk/support/security-vulnerabilities/
help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
security.netapp.com/advisory/ntap-20180117-0001/