CVE-2015-2601

MEDIUM

Description

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.

References

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html

http://rhn.redhat.com/errata/RHSA-2015-1228.html

http://rhn.redhat.com/errata/RHSA-2015-1229.html

http://rhn.redhat.com/errata/RHSA-2015-1230.html

http://rhn.redhat.com/errata/RHSA-2015-1241.html

http://rhn.redhat.com/errata/RHSA-2015-1242.html

http://rhn.redhat.com/errata/RHSA-2015-1243.html

http://rhn.redhat.com/errata/RHSA-2015-1485.html

http://rhn.redhat.com/errata/RHSA-2015-1486.html

http://rhn.redhat.com/errata/RHSA-2015-1488.html

http://rhn.redhat.com/errata/RHSA-2015-1526.html

http://rhn.redhat.com/errata/RHSA-2015-1544.html

http://rhn.redhat.com/errata/RHSA-2015-1604.html

http://www.debian.org/security/2015/dsa-3316

http://www.debian.org/security/2015/dsa-3339

http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

http://www.securityfocus.com/bid/75867

http://www.securitytracker.com/id/1032910

http://www.securitytracker.com/id/1037732

http://www.ubuntu.com/usn/USN-2696-1

http://www.ubuntu.com/usn/USN-2706-1

https://kc.mcafee.com/corporate/index?page=content&id=SB10139

https://security.gentoo.org/glsa/201603-11

https://security.gentoo.org/glsa/201603-14

Details

Source: MITRE

Published: 2015-07-16

Updated: 2020-09-08

Type: NVD-CWE-noinfo

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

ID	Name	Product	Family	Severity
700651	Oracle Java SE Multiple 6 < Update 101 / 7 < Update 85 / 8 < Update 51 Multiple Vulnerabilities (July 2015 CPU) (Bar Mitzvah)	Nessus Network Monitor	Web Clients	critical
119969	SUSE SLES12 Security Update : java-1_6_0-ibm (SUSE-SU-2015:1345-1) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
91779	Juniper Junos Space < 15.1R2 Multiple Vulnerabilities (JSA10727) (Bar Mitzvah) (Logjam)	Nessus	Junos Local Security Checks	high
89907	GLSA-201603-14 : IcedTea: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
89904	GLSA-201603-11 : Oracle JRE/JDK: Multiple vulnerabilities (Logjam)	Nessus	Gentoo Local Security Checks	critical
8918	Oracle Java SE 6 < Update 101 / 7 < Update 85 / 8 < Update 51 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	critical
85869	SUSE SLES11 Security Update : java-1_6_0-ibm (SUSE-SU-2015:1509-1) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
85695	Debian DLA-303-1 : openjdk-6 security update (Bar Mitzvah) (Logjam)	Nessus	Debian Local Security Checks	critical
85631	Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2015-586) (Bar Mitzvah) (Logjam)	Nessus	Amazon Linux Local Security Checks	critical
85588	Debian DSA-3339-1 : openjdk-6 - security update (Bar Mitzvah) (Logjam)	Nessus	Debian Local Security Checks	critical
85447	AIX Java Advisory : java_july2015_advisory.asc (Logjam)	Nessus	AIX Local Security Checks	critical
85379	SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2015:1375-1) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
85373	RHEL 5 / 6 : Red Hat Satellite IBM Java Runtime (RHSA-2015:1604) (Logjam)	Nessus	Red Hat Local Security Checks	critical
85265	Ubuntu 12.04 LTS : openjdk-6 vulnerabilities (USN-2706-1) (Bar Mitzvah) (Logjam)	Nessus	Ubuntu Local Security Checks	critical
85238	RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2015:1544) (Logjam)	Nessus	Red Hat Local Security Checks	critical
85214	SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2015:1331-1) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
85213	SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2015:1329-1) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
85212	Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x, SL7.x i386/x86_64 (20150730) (Bar Mitzvah) (Logjam)	Nessus	Scientific Linux Local Security Checks	critical
85154	Ubuntu 14.04 LTS / 15.04 : openjdk-7 vulnerabilities (USN-2696-1) (Bar Mitzvah) (Logjam)	Nessus	Ubuntu Local Security Checks	critical
85153	SUSE SLED11 Security Update : java-1_7_0-openjdk (SUSE-SU-2015:1320-1) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
85152	SUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2015:1319-1) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
85149	RHEL 5 / 6 / 7 : java-1.6.0-openjdk (RHSA-2015:1526) (Bar Mitzvah) (Logjam)	Nessus	Red Hat Local Security Checks	critical
85137	Oracle Linux 5 / 6 / 7 : java-1.6.0-openjdk (ELSA-2015-1526) (Bar Mitzvah) (Logjam)	Nessus	Oracle Linux Local Security Checks	critical
85127	CentOS 5 / 6 / 7 : java-1.6.0-openjdk (CESA-2015:1526) (Bar Mitzvah) (Logjam)	Nessus	CentOS Local Security Checks	critical
85031	Debian DSA-3316-1 : openjdk-7 - security update (Bar Mitzvah) (Logjam)	Nessus	Debian Local Security Checks	critical
85002	openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2015-512) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
85001	openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2015-511) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
84978	RHEL 5 : java-1.7.0-ibm (RHSA-2015:1488) (Logjam)	Nessus	Red Hat Local Security Checks	critical
84956	RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2015:1486) (Logjam)	Nessus	Red Hat Local Security Checks	critical
84955	RHEL 6 / 7 : java-1.7.1-ibm (RHSA-2015:1485) (Logjam)	Nessus	Red Hat Local Security Checks	critical
84931	Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2015-571) (Bar Mitzvah) (Logjam)	Nessus	Amazon Linux Local Security Checks	critical
84930	Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2015-570) (Bar Mitzvah) (Logjam)	Nessus	Amazon Linux Local Security Checks	critical
84873	RHEL 5 / 6 / 7 : java-1.6.0-sun (RHSA-2015:1243) (Bar Mitzvah) (Logjam)	Nessus	Red Hat Local Security Checks	critical
84872	RHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2015:1242) (Bar Mitzvah) (Logjam)	Nessus	Red Hat Local Security Checks	critical
84871	RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2015:1241) (Bar Mitzvah) (Logjam)	Nessus	Red Hat Local Security Checks	critical
84825	Oracle Java SE Multiple Vulnerabilities (July 2015 CPU) (Unix) (Bar Mitzvah)	Nessus	Misc.	critical
84824	Oracle Java SE Multiple Vulnerabilities (July 2015 CPU) (Bar Mitzvah)	Nessus	Windows	critical
84817	Oracle Linux 5 : java-1.7.0-openjdk (ELSA-2015-1230) (Bar Mitzvah) (Logjam)	Nessus	Oracle Linux Local Security Checks	critical
84808	Oracle JRockit R28 < R28.3.7 Multiple Vulnerabilities (July 2015 CPU) (Bar Mitzvah) (Logjam)	Nessus	Windows	high
84793	Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x, SL7.x i386/x86_64 (20150715) (Bar Mitzvah) (Logjam)	Nessus	Scientific Linux Local Security Checks	critical
84792	Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x, SL7.x i386/x86_64 (20150715) (Bar Mitzvah) (Logjam)	Nessus	Scientific Linux Local Security Checks	critical
84791	Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x i386/x86_64 (20150715) (Bar Mitzvah) (Logjam)	Nessus	Scientific Linux Local Security Checks	critical
84789	RHEL 5 : java-1.7.0-openjdk (RHSA-2015:1230) (Bar Mitzvah) (Logjam)	Nessus	Red Hat Local Security Checks	critical
84788	RHEL 6 / 7 : java-1.7.0-openjdk (RHSA-2015:1229) (Bar Mitzvah) (Logjam)	Nessus	Red Hat Local Security Checks	critical
84787	RHEL 6 / 7 : java-1.8.0-openjdk (RHSA-2015:1228) (Bar Mitzvah) (Logjam)	Nessus	Red Hat Local Security Checks	critical
84785	Oracle Linux 6 / 7 : java-1.7.0-openjdk (ELSA-2015-1229) (Bar Mitzvah) (Logjam)	Nessus	Oracle Linux Local Security Checks	critical
84784	Oracle Linux 6 / 7 : java-1.8.0-openjdk (ELSA-2015-1228) (Bar Mitzvah) (Logjam)	Nessus	Oracle Linux Local Security Checks	critical
84772	CentOS 5 : java-1.7.0-openjdk (CESA-2015:1230) (Bar Mitzvah) (Logjam)	Nessus	CentOS Local Security Checks	critical
84771	CentOS 6 / 7 : java-1.7.0-openjdk (CESA-2015:1229) (Bar Mitzvah) (Logjam)	Nessus	CentOS Local Security Checks	critical
84770	CentOS 6 / 7 : java-1.8.0-openjdk (CESA-2015:1228) (Bar Mitzvah) (Logjam)	Nessus	CentOS Local Security Checks	critical

CVE-2015-2601

MEDIUM

Description

References

Details

Risk Information

CVSS v2.0

Vulnerable Software

Configuration 1

Configuration 2

Tenable Plugins

critical

critical

high

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

high

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical