CVE-2014-0452

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0458 and CVE-2014-2423.

References

http://marc.info/?l=bugtraq&m=140852886808946&w=2

http://marc.info/?l=bugtraq&m=140852974709252&w=2

http://rhn.redhat.com/errata/RHSA-2014-0675.html

http://rhn.redhat.com/errata/RHSA-2014-0685.html

http://secunia.com/advisories/58415

http://security.gentoo.org/glsa/glsa-201406-32.xml

http://security.gentoo.org/glsa/glsa-201502-12.xml

http://www.debian.org/security/2014/dsa-2912

http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

http://www.securityfocus.com/bid/66891

http://www.ubuntu.com/usn/USN-2187-1

http://www.ubuntu.com/usn/USN-2191-1

http://www-01.ibm.com/support/docview.wss?uid=swg21672080

https://access.redhat.com/errata/RHSA-2014:0413

https://access.redhat.com/errata/RHSA-2014:0414

Details

Source: MITRE

Published: 2014-04-16

Updated: 2020-09-08

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Tenable Plugins

View all (45 total)

IDNameProductFamilySeverity
81370GLSA-201502-12 : Oracle JRE/JDK: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
80046openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2014:1638-1)NessusSuSE Local Security Checks
critical
80045openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2014:1645-1)NessusSuSE Local Security Checks
critical
79039RHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2014:0982)NessusRed Hat Local Security Checks
critical
79011RHEL 5 / 6 : java-1.6.0-sun (RHSA-2014:0414)NessusRed Hat Local Security Checks
medium
79010RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2014:0413)NessusRed Hat Local Security Checks
critical
77812IBM Notes 9.0.x < 9.0.1 Fix Pack 2 Multiple VulnerabilitiesNessusWindows
critical
77811IBM Domino 9.0.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (credentialed check) (POODLE)NessusWindows
critical
77810IBM Domino 9.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (uncredentialed check)NessusMisc.
critical
77728VMware Security Updates for vCenter Server (VMSA-2014-0008)NessusMisc.
critical
77727VMware vCenter Update Manager Multiple Java Vulnerabilities (VMSA-2014-0008)NessusWindows
critical
76900RHEL 7 : java-1.7.1-ibm (RHSA-2014:0705)NessusRed Hat Local Security Checks
critical
76894RHEL 7 : java-1.6.0-openjdk (RHSA-2014:0685)NessusRed Hat Local Security Checks
critical
76889RHEL 7 : java-1.7.0-openjdk (RHSA-2014:0675)NessusRed Hat Local Security Checks
critical
76870AIX Java Advisory : java_apr2014_advisory.ascNessusAIX Local Security Checks
critical
76732Oracle Linux 7 : java-1.6.0-openjdk (ELSA-2014-0685)NessusOracle Linux Local Security Checks
critical
76727Oracle Linux 7 : java-1.7.0-openjdk (ELSA-2014-0675)NessusOracle Linux Local Security Checks
critical
76303GLSA-201406-32 : IcedTea JDK: Multiple vulnerabilities (BEAST) (ROBOT)NessusGentoo Local Security Checks
critical
74284SuSE 11.3 Security Update : IBM Java 6 (SAT Patch Number 9256)NessusSuSE Local Security Checks
critical
74254SuSE 11.3 Security Update : IBM Java 7 (SAT Patch Number 9263)NessusSuSE Local Security Checks
critical
74078Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2014:100)NessusMandriva Local Security Checks
critical
74031RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2014:0508)NessusRed Hat Local Security Checks
critical
74007SuSE 11.3 Security Update : OpenJDK (SAT Patch Number 9209)NessusSuSE Local Security Checks
critical
74005RHEL 5 / 6 : java-1.7.0-ibm (RHSA-2014:0486)NessusRed Hat Local Security Checks
critical
73868Debian DSA-2923-1 : openjdk-7 - security updateNessusDebian Local Security Checks
critical
73822Ubuntu 10.04 LTS / 12.04 LTS : openjdk-6 vulnerabilities (USN-2191-1)NessusUbuntu Local Security Checks
critical
73801Ubuntu 12.10 / 13.10 / 14.04 LTS : openjdk-7 vulnerabilities (USN-2187-1)NessusUbuntu Local Security Checks
critical
73691Debian DSA-2912-1 : openjdk-6 - security updateNessusDebian Local Security Checks
critical
73655Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2014-327)NessusAmazon Linux Local Security Checks
critical
73654Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2014-326)NessusAmazon Linux Local Security Checks
critical
73608RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2014:0412)NessusRed Hat Local Security Checks
critical
73605Oracle Linux 5 : java-1.7.0-openjdk (ELSA-2014-0407)NessusOracle Linux Local Security Checks
critical
73590Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64 (20140416)NessusScientific Linux Local Security Checks
critical
73589Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x i386/x86_64 (20140416)NessusScientific Linux Local Security Checks
critical
73588Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x i386/x86_64 (20140416)NessusScientific Linux Local Security Checks
critical
73587RHEL 5 / 6 : java-1.6.0-openjdk (RHSA-2014:0408)NessusRed Hat Local Security Checks
critical
73586RHEL 5 : java-1.7.0-openjdk (RHSA-2014:0407)NessusRed Hat Local Security Checks
critical
73585RHEL 6 : java-1.7.0-openjdk (RHSA-2014:0406)NessusRed Hat Local Security Checks
critical
73584Oracle Linux 5 / 6 : java-1.6.0-openjdk (ELSA-2014-0408)NessusOracle Linux Local Security Checks
critical
73583Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2014-0406)NessusOracle Linux Local Security Checks
critical
73580CentOS 5 / 6 : java-1.6.0-openjdk (CESA-2014:0408)NessusCentOS Local Security Checks
critical
73579CentOS 5 : java-1.7.0-openjdk (CESA-2014:0407)NessusCentOS Local Security Checks
critical
73578CentOS 6 : java-1.7.0-openjdk (CESA-2014:0406)NessusCentOS Local Security Checks
critical
73571Oracle Java SE Multiple Vulnerabilities (April 2014 CPU) (Unix)NessusMisc.
critical
73570Oracle Java SE Multiple Vulnerabilities (April 2014 CPU)NessusWindows
critical