CVE-2014-0460

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI.

References

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698

http://marc.info/?l=bugtraq&m=140852886808946&w=2

http://marc.info/?l=bugtraq&m=140852974709252&w=2

http://rhn.redhat.com/errata/RHSA-2014-0675.html

http://rhn.redhat.com/errata/RHSA-2014-0685.html

http://secunia.com/advisories/58415

http://secunia.com/advisories/59022

http://secunia.com/advisories/59023

http://secunia.com/advisories/59058

http://secunia.com/advisories/59071

http://secunia.com/advisories/59082

http://secunia.com/advisories/59250

http://secunia.com/advisories/59255

http://secunia.com/advisories/59307

http://secunia.com/advisories/59436

http://secunia.com/advisories/59516

http://secunia.com/advisories/59642

http://secunia.com/advisories/59704

http://secunia.com/advisories/59705

http://secunia.com/advisories/59706

http://secunia.com/advisories/60003

http://secunia.com/advisories/60111

http://secunia.com/advisories/60117

http://secunia.com/advisories/61264

http://security.gentoo.org/glsa/glsa-201406-32.xml

http://security.gentoo.org/glsa/glsa-201502-12.xml

http://www.debian.org/security/2014/dsa-2912

http://www.ibm.com/support/docview.wss?uid=swg21675343

http://www.ibm.com/support/docview.wss?uid=swg21675588

http://www.ibm.com/support/docview.wss?uid=swg21677387

http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

http://www.securityfocus.com/bid/66916

http://www.ubuntu.com/usn/USN-2187-1

http://www.ubuntu.com/usn/USN-2191-1

http://www-01.ibm.com/support/docview.wss?uid=swg21672080

http://www-01.ibm.com/support/docview.wss?uid=swg21673836

http://www-01.ibm.com/support/docview.wss?uid=swg21674539

http://www-01.ibm.com/support/docview.wss?uid=swg21676315

http://www-01.ibm.com/support/docview.wss?uid=swg21676672

http://www-01.ibm.com/support/docview.wss?uid=swg21676746

http://www-01.ibm.com/support/docview.wss?uid=swg21677294

http://www-01.ibm.com/support/docview.wss?uid=swg21679713

http://www-01.ibm.com/support/docview.wss?uid=swg21681018

http://www-01.ibm.com/support/docview.wss?uid=swg21681256

http://www-01.ibm.com/support/docview.wss?uid=swg21683484

http://www-01.ibm.com/support/docview.wss?uid=swg21686717

https://access.redhat.com/errata/RHSA-2014:0413

https://access.redhat.com/errata/RHSA-2014:0414

Details

Source: MITRE

Published: 2014-04-16

Updated: 2020-09-08

Risk Information

CVSS v2

Base Score: 5.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Impact Score: 4.9

Exploitability Score: 8.6

Severity: MEDIUM

Tenable Plugins

View all (78 total)

IDNameProductFamilySeverity
9699IBM WebSphere Application Server 7.0 < 7.0.0.33 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
critical
91778Juniper Junos Space < 15.1R1 Multiple Vulnerabilities (JSA10698)NessusJunos Local Security Checks
critical
83625SUSE SLES10 Security Update : IBM Java 5 (SUSE-SU-2014:0732-1)NessusSuSE Local Security Checks
critical
81370GLSA-201502-12 : Oracle JRE/JDK: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
80197Juniper Junos Space < 14.1R1 Multiple Vulnerabilities (JSA10659)NessusJunos Local Security Checks
high
80046openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2014:1638-1)NessusSuSE Local Security Checks
critical
80045openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2014:1645-1)NessusSuSE Local Security Checks
critical
79039RHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2014:0982)NessusRed Hat Local Security Checks
critical
79011RHEL 5 / 6 : java-1.6.0-sun (RHSA-2014:0414)NessusRed Hat Local Security Checks
medium
79010RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2014:0413)NessusRed Hat Local Security Checks
critical
77812IBM Notes 9.0.x < 9.0.1 Fix Pack 2 Multiple VulnerabilitiesNessusWindows
critical
77811IBM Domino 9.0.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (credentialed check) (POODLE)NessusWindows
critical
77810IBM Domino 9.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (uncredentialed check)NessusMisc.
critical
77728VMware Security Updates for vCenter Server (VMSA-2014-0008)NessusMisc.
critical
77727VMware vCenter Update Manager Multiple Java Vulnerabilities (VMSA-2014-0008)NessusWindows
critical
77326Juniper NSM < 2012.2R9 Multiple Java and Apache Vulnerabilities (JSA10642)NessusMisc.
critical
76995IBM WebSphere Application Server 8.0 < Fix Pack 9 Multiple VulnerabilitiesNessusWeb Servers
high
76967IBM WebSphere Application Server 7.0 < Fix Pack 33 Multiple VulnerabilitiesNessusWeb Servers
high
76900RHEL 7 : java-1.7.1-ibm (RHSA-2014:0705)NessusRed Hat Local Security Checks
critical
76894RHEL 7 : java-1.6.0-openjdk (RHSA-2014:0685)NessusRed Hat Local Security Checks
critical
76889RHEL 7 : java-1.7.0-openjdk (RHSA-2014:0675)NessusRed Hat Local Security Checks
critical
76870AIX Java Advisory : java_apr2014_advisory.ascNessusAIX Local Security Checks
critical
76732Oracle Linux 7 : java-1.6.0-openjdk (ELSA-2014-0685)NessusOracle Linux Local Security Checks
critical
76727Oracle Linux 7 : java-1.7.0-openjdk (ELSA-2014-0675)NessusOracle Linux Local Security Checks
critical
76303GLSA-201406-32 : IcedTea JDK: Multiple vulnerabilities (BEAST) (ROBOT)NessusGentoo Local Security Checks
critical
74284SuSE 11.3 Security Update : IBM Java 6 (SAT Patch Number 9256)NessusSuSE Local Security Checks
critical
74254SuSE 11.3 Security Update : IBM Java 7 (SAT Patch Number 9263)NessusSuSE Local Security Checks
critical
74078Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2014:100)NessusMandriva Local Security Checks
critical
74032RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2014:0509)NessusRed Hat Local Security Checks
critical
74031RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2014:0508)NessusRed Hat Local Security Checks
critical
74007SuSE 11.3 Security Update : OpenJDK (SAT Patch Number 9209)NessusSuSE Local Security Checks
critical
74005RHEL 5 / 6 : java-1.7.0-ibm (RHSA-2014:0486)NessusRed Hat Local Security Checks
critical
73868Debian DSA-2923-1 : openjdk-7 - security updateNessusDebian Local Security Checks
critical
73822Ubuntu 10.04 LTS / 12.04 LTS : openjdk-6 vulnerabilities (USN-2191-1)NessusUbuntu Local Security Checks
critical
73801Ubuntu 12.10 / 13.10 / 14.04 LTS : openjdk-7 vulnerabilities (USN-2187-1)NessusUbuntu Local Security Checks
critical
73691Debian DSA-2912-1 : openjdk-6 - security updateNessusDebian Local Security Checks
critical
73655Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2014-327)NessusAmazon Linux Local Security Checks
critical
73654Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2014-326)NessusAmazon Linux Local Security Checks
critical
73612Oracle JRockit R27 < R27.8.2 / R28 < R28.3.2 Multiple Vulnerabilities (April 2014 CPU)NessusWindows
critical
73608RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2014:0412)NessusRed Hat Local Security Checks
critical
73605Oracle Linux 5 : java-1.7.0-openjdk (ELSA-2014-0407)NessusOracle Linux Local Security Checks
critical
73590Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64 (20140416)NessusScientific Linux Local Security Checks
critical
73589Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x i386/x86_64 (20140416)NessusScientific Linux Local Security Checks
critical
73588Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x i386/x86_64 (20140416)NessusScientific Linux Local Security Checks
critical
73587RHEL 5 / 6 : java-1.6.0-openjdk (RHSA-2014:0408)NessusRed Hat Local Security Checks
critical
73586RHEL 5 : java-1.7.0-openjdk (RHSA-2014:0407)NessusRed Hat Local Security Checks
critical
73585RHEL 6 : java-1.7.0-openjdk (RHSA-2014:0406)NessusRed Hat Local Security Checks
critical
73584Oracle Linux 5 / 6 : java-1.6.0-openjdk (ELSA-2014-0408)NessusOracle Linux Local Security Checks
critical
73583Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2014-0406)NessusOracle Linux Local Security Checks
critical
73580CentOS 5 / 6 : java-1.6.0-openjdk (CESA-2014:0408)NessusCentOS Local Security Checks
critical
73579CentOS 5 : java-1.7.0-openjdk (CESA-2014:0407)NessusCentOS Local Security Checks
critical
73578CentOS 6 : java-1.7.0-openjdk (CESA-2014:0406)NessusCentOS Local Security Checks
critical
73571Oracle Java SE Multiple Vulnerabilities (April 2014 CPU) (Unix)NessusMisc.
critical
73570Oracle Java SE Multiple Vulnerabilities (April 2014 CPU)NessusWindows
critical
27034Solaris 9 (x86) : 125139-97NessusSolaris Local Security Checks
critical
27033Solaris 9 (x86) : 125138-97NessusSolaris Local Security Checks
critical
27021Solaris 9 (sparc) : 125137-97NessusSolaris Local Security Checks
critical
27020Solaris 9 (sparc) : 125136-97NessusSolaris Local Security Checks
critical
27016Solaris 8 (x86) : 125139-97NessusSolaris Local Security Checks
critical
27015Solaris 8 (x86) : 125138-97NessusSolaris Local Security Checks
critical
27009Solaris 8 (sparc) : 125137-97NessusSolaris Local Security Checks
critical
27008Solaris 8 (sparc) : 125136-97NessusSolaris Local Security Checks
critical
26996Solaris 10 (x86) : 125139-97 (deprecated)NessusSolaris Local Security Checks
critical
26995Solaris 10 (x86) : 125138-97 (deprecated)NessusSolaris Local Security Checks
critical
26985Solaris 10 (sparc) : 125137-97 (deprecated)NessusSolaris Local Security Checks
critical
26984Solaris 10 (sparc) : 125136-97 (deprecated)NessusSolaris Local Security Checks
critical
19583Solaris 9 (x86) : 118669-86NessusSolaris Local Security Checks
critical
19582Solaris 8 (x86) : 118669-86NessusSolaris Local Security Checks
critical
19580Solaris 10 (x86) : 118669-86 (deprecated)NessusSolaris Local Security Checks
critical
19461Solaris 9 (x86) : 118668-86NessusSolaris Local Security Checks
critical
19460Solaris 9 (sparc) : 118667-86NessusSolaris Local Security Checks
critical
19459Solaris 9 (sparc) : 118666-86NessusSolaris Local Security Checks
critical
19457Solaris 8 (x86) : 118668-86NessusSolaris Local Security Checks
critical
19456Solaris 8 (sparc) : 118667-86NessusSolaris Local Security Checks
critical
19455Solaris 8 (sparc) : 118666-86NessusSolaris Local Security Checks
critical
19450Solaris 10 (x86) : 118668-86 (deprecated)NessusSolaris Local Security Checks
critical
19444Solaris 10 (sparc) : 118667-86 (deprecated)NessusSolaris Local Security Checks
critical
19443Solaris 10 (sparc) : 118666-86 (deprecated)NessusSolaris Local Security Checks
critical