CVE-2018-2938

6 documents6 sources
Severity
9.0CRITICAL
EPSS
0.6%
top 31.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Netapp E-series Santricity OS ControllerOracle Corporation JavaNetapp Storage Replication Adapter FOR Clustered Data Ontap+4 more
Timeline
PublishedJul 18
Latest updateMay 13

Description

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java DB). Supported versions that are affected are Java SE: 6u191, 7u181 and 8u172. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. While the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability can only be explo

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:HExploitability: 2.2 | Impact: 6.0

Affected Packages7 packages

CVEListV5oracle_corporation/java7u181, 8u172, Java SE: 6u191+2
NVDoracle/jdk1.6.0, 1.7.0, 1.8.0+2
NVDoracle/jre1.6.0, 1.7.0, 1.8.0+2

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

2
GHSA
GHSA-3vhh-58w3-43m4: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java DB)2022-05-13
CVEList
CVE-2018-2938: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java DB)2018-07-18

📋Vendor Advisories

2
Red Hat
JDK: unspecified vulnerability fixed in 6u201, 7u191, and 8u181 (Java DB)2018-07-17
Debian
CVE-2018-2938: openjdk-8 - Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java DB)...2018

💬Community

1
Bugzilla
CVE-2018-2938 Oracle JDK: unspecified vulnerability fixed in 6u201, 7u191, and 8u181 (Java DB)2018-07-17