CVE-2015-2613

MEDIUM

Description

Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.

References

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html

http://rhn.redhat.com/errata/RHSA-2015-1241.html

http://rhn.redhat.com/errata/RHSA-2015-1242.html

http://rhn.redhat.com/errata/RHSA-2015-1485.html

http://rhn.redhat.com/errata/RHSA-2015-1488.html

http://www.debian.org/security/2015/dsa-3316

http://www.debian.org/security/2015/dsa-3339

http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

http://www.securityfocus.com/bid/75871

http://www.securitytracker.com/id/1032910

http://www.ubuntu.com/usn/USN-2696-1

http://www.ubuntu.com/usn/USN-2706-1

https://kc.mcafee.com/corporate/index?page=content&id=SB10139

https://security.gentoo.org/glsa/201603-11

https://security.gentoo.org/glsa/201603-14

Details

Source: MITRE

Published: 2015-07-16

Updated: 2018-01-05

Type: NVD-CWE-noinfo

Risk Information

CVSS v2.0

Base Score: 5

Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

cpe:2.3:a:oracle:jdk:1.7.0:update_75:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update_80:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.8.0:update_33:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.8.0:update_45:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update_75:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update_80:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.8.0:update_33:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.8.0:update_45:*:*:*:*:*:*

Tenable Plugins

View all (23 total)

ID	Name	Product	Family	Severity
700651	Oracle Java SE Multiple 6 < Update 101 / 7 < Update 85 / 8 < Update 51 Multiple Vulnerabilities (July 2015 CPU) (Bar Mitzvah)	Nessus Network Monitor	Web Clients	critical
91779	Juniper Junos Space < 15.1R2 Multiple Vulnerabilities (JSA10727) (Bar Mitzvah) (Logjam)	Nessus	Junos Local Security Checks	high
89907	GLSA-201603-14 : IcedTea: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
89904	GLSA-201603-11 : Oracle JRE/JDK: Multiple vulnerabilities (Logjam)	Nessus	Gentoo Local Security Checks	critical
8918	Oracle Java SE 6 < Update 101 / 7 < Update 85 / 8 < Update 51 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	critical
85588	Debian DSA-3339-1 : openjdk-6 - security update (Bar Mitzvah) (Logjam)	Nessus	Debian Local Security Checks	critical
85447	AIX Java Advisory : java_july2015_advisory.asc (Logjam)	Nessus	AIX Local Security Checks	critical
85379	SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2015:1375-1) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
85265	Ubuntu 12.04 LTS : openjdk-6 vulnerabilities (USN-2706-1) (Bar Mitzvah) (Logjam)	Nessus	Ubuntu Local Security Checks	critical
85214	SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2015:1331-1) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
85213	SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2015:1329-1) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
85154	Ubuntu 14.04 LTS / 15.04 : openjdk-7 vulnerabilities (USN-2696-1) (Bar Mitzvah) (Logjam)	Nessus	Ubuntu Local Security Checks	critical
85153	SUSE SLED11 Security Update : java-1_7_0-openjdk (SUSE-SU-2015:1320-1) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
85152	SUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2015:1319-1) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
85031	Debian DSA-3316-1 : openjdk-7 - security update (Bar Mitzvah) (Logjam)	Nessus	Debian Local Security Checks	critical
85002	openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2015-512) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
85001	openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2015-511) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
84978	RHEL 5 : java-1.7.0-ibm (RHSA-2015:1488) (Logjam)	Nessus	Red Hat Local Security Checks	critical
84955	RHEL 6 / 7 : java-1.7.1-ibm (RHSA-2015:1485) (Logjam)	Nessus	Red Hat Local Security Checks	critical
84872	RHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2015:1242) (Bar Mitzvah) (Logjam)	Nessus	Red Hat Local Security Checks	critical
84871	RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2015:1241) (Bar Mitzvah) (Logjam)	Nessus	Red Hat Local Security Checks	critical
84825	Oracle Java SE Multiple Vulnerabilities (July 2015 CPU) (Unix) (Bar Mitzvah)	Nessus	Misc.	critical
84824	Oracle Java SE Multiple Vulnerabilities (July 2015 CPU) (Bar Mitzvah)	Nessus	Windows	critical