Severity
4.2MEDIUM
EPSS
0.2%
top 52.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 19
Latest updateMay 13
Description
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u181, 7u171 and 8u162; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete a…
CVSS vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:NExploitability: 1.6 | Impact: 2.5
Affected Packages11 packages
Also affects: Debian Linux 8.0, 9.0, Ubuntu Linux 14.04, 16.04, 17.10, Enterprise Linux 7.6, 7.5
Patches
🔴Vulnerability Details
3GHSA▶
GHSA-pm9w-699m-qvpr: Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI)↗2022-05-13
CVEList▶
CVE-2018-2800: Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI)↗2018-04-19
OSV▶
CVE-2018-2800: Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI)↗2018-04-18
📋Vendor Advisories
7Cisco▶
Cisco Aironet 1560, 1800, 2800, and 3800 Series Access Points Denial of Service Vulnerability↗2018-10-17
Cisco▶
Cisco Aironet 1800, 2800, and 3800 Series Access Points Secure Shell Privilege Escalation Vulnerability↗2018-05-02
Cisco▶
Cisco Aironet Access Points Central Web Authentication FlexConnect Client ACL Bypass Vulnerability↗2018-05-02