CVE-2018-2940

6 documents6 sources
Severity
4.3MEDIUM
EPSS
0.3%
top 49.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
11
Netapp E-series Santricity OS ControllerOracle Corporation JavaNetapp Storage Replication Adapter FOR Clustered Data Ontap+8 more
Timeline
PublishedJul 18
Latest updateMay 13

Description

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in una

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages11 packages

CVEListV5oracle_corporation/java4 versions+3
NVDoracle/jdk4 versions+3
NVDoracle/jre4 versions+3
NVDredhat/satellite5.6, 5.7, 5.8+2

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

2
GHSA
GHSA-vc69-2m84-9mmr: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries)2022-05-13
CVEList
CVE-2018-2940: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries)2018-07-18

📋Vendor Advisories

2
Red Hat
JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (Libraries)2018-07-17
Debian
CVE-2018-2940: openjdk-8 - Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subc...2018

💬Community

1
Bugzilla
CVE-2018-2940 Oracle JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (Libraries)2018-07-17
CVE-2018-2940 (MEDIUM CVSS 4.3) | Vulnerability in the Java SE | cvebase.io