Veracode Vulnerability DatabaseVERACODE:19238Denial Of Service (DoS)
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
Oracle Java SE is vulnerable to denial of service (DoS) attacks. The vulnerability exists in an unknown function of the component Security. An unauthenticated attacker with network access via multiple protocols could compromise Java SE, Java SE Embedded, JRockit causing a parital denial of service condition.
References
www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
www.securityfocus.com/bid/103868
www.securitytracker.com/id/1040697
access.redhat.com/errata/RHSA-2018:1188
access.redhat.com/errata/RHSA-2018:1191
access.redhat.com/errata/RHSA-2018:1201
access.redhat.com/errata/RHSA-2018:1202
access.redhat.com/errata/RHSA-2018:1204
access.redhat.com/errata/RHSA-2018:1206
access.redhat.com/errata/RHSA-2018:1270
access.redhat.com/errata/RHSA-2018:1278
access.redhat.com/errata/RHSA-2018:1721
access.redhat.com/errata/RHSA-2018:1722
access.redhat.com/errata/RHSA-2018:1723
access.redhat.com/errata/RHSA-2018:1724
access.redhat.com/errata/RHSA-2018:1974
access.redhat.com/errata/RHSA-2018:1975
access.redhat.com/security/updates/classification/#critical
help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
security.gentoo.org/glsa/201903-14
security.netapp.com/advisory/ntap-20180419-0001/
support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us
support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03915en_us
usn.ubuntu.com/3644-1/
usn.ubuntu.com/3691-1/
www.debian.org/security/2018/dsa-4185
www.debian.org/security/2018/dsa-4225
Related
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P