CVE-2018-2796

MEDIUM

Description

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).

ID	Name	Product	Family	Severity
127397	NewStart CGSL MAIN 4.05 : java-1.8.0-openjdk Multiple Vulnerabilities (NS-SA-2019-0137)	Nessus	NewStart CGSL Local Security Checks	medium
127385	NewStart CGSL MAIN 4.05 : java-1.7.0-openjdk Multiple Vulnerabilities (NS-SA-2019-0131)	Nessus	NewStart CGSL Local Security Checks	medium
127199	NewStart CGSL CORE 5.04 / MAIN 5.04 : java-1.7.0-openjdk Multiple Vulnerabilities (NS-SA-2019-0032)	Nessus	NewStart CGSL Local Security Checks	medium
127190	NewStart CGSL CORE 5.04 / MAIN 5.04 : java-1.8.0-openjdk Multiple Vulnerabilities (NS-SA-2019-0027)	Nessus	NewStart CGSL Local Security Checks	medium
700657	Oracle Java SE 6 < Update 191 / 7 < Update 181 / 8 < Update 171 / 10 < Update 1 Multiple Vulnerabilities (April 2018 CPU)	Nessus Network Monitor	Web Clients	high
123197	openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2019-479)	Nessus	SuSE Local Security Checks	medium
122836	GLSA-201903-14 : Oracle JDK/JRE: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	medium
121938	Photon OS 2.0: Openjdk8 PHSA-2018-2.0-0039	Nessus	PhotonOS Local Security Checks	high
121835	Photon OS 1.0: Openjdk PHSA-2018-1.0-0130	Nessus	PhotonOS Local Security Checks	medium
120060	SUSE SLES15 Security Update : java-1_8_0-ibm (SUSE-SU-2018:2068-1)	Nessus	SuSE Local Security Checks	medium
120046	SUSE SLES15 Security Update : java-1_8_0-openjdk (SUSE-SU-2018:1938-2)	Nessus	SuSE Local Security Checks	medium
120045	SUSE SLES15 Security Update : java-1_8_0-openjdk (SUSE-SU-2018:1938-1)	Nessus	SuSE Local Security Checks	medium
118268	SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2018:1764-2)	Nessus	SuSE Local Security Checks	medium
118267	SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2018:1738-2)	Nessus	SuSE Local Security Checks	medium
118264	SUSE SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2018:1692-2)	Nessus	SuSE Local Security Checks	medium
118263	SUSE SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2018:1690-2)	Nessus	SuSE Local Security Checks	medium
111932	Photon OS 1.0: Mysql / Openjdk PHSA-2018-1.0-0130 (deprecated)	Nessus	PhotonOS Local Security Checks	medium
111298	Photon OS 2.0 : openjdk8 / httpd / librelp / zsh / libvirt (PhotonOS-PHSA-2018-2.0-0039) (deprecated)	Nessus	PhotonOS Local Security Checks	high
110859	EulerOS 2.0 SP3 : java-1.8.0-openjdk (EulerOS-SA-2018-1195)	Nessus	Huawei Local Security Checks	medium
110857	EulerOS 2.0 SP3 : java-1.7.0-openjdk (EulerOS-SA-2018-1193)	Nessus	Huawei Local Security Checks	medium
110793	RHEL 6 : java-1.8.0-ibm (RHSA-2018:1975)	Nessus	Red Hat Local Security Checks	medium
110692	RHEL 6 : java-1.7.1-ibm (RHSA-2018:1974)	Nessus	Red Hat Local Security Checks	medium
110662	Ubuntu 14.04 LTS : openjdk-7 vulnerabilities (USN-3691-1)	Nessus	Ubuntu Local Security Checks	medium
110638	SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2018:1764-1)	Nessus	SuSE Local Security Checks	medium
110620	SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2018:1738-1)	Nessus	SuSE Local Security Checks	medium
110590	openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2018-641)	Nessus	SuSE Local Security Checks	medium
110587	openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2018-637)	Nessus	SuSE Local Security Checks	medium
110546	SUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2018:1692-1)	Nessus	SuSE Local Security Checks	medium
110544	SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2018:1690-1)	Nessus	SuSE Local Security Checks	medium
110424	Debian DSA-4225-1 : openjdk-7 - security update	Nessus	Debian Local Security Checks	medium
110244	CentOS 7 : java-1.7.0-openjdk (CESA-2018:1278)	Nessus	CentOS Local Security Checks	medium
110240	CentOS 7 : java-1.8.0-openjdk (CESA-2018:1191)	Nessus	CentOS Local Security Checks	medium
110223	SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2018:1458-1)	Nessus	SuSE Local Security Checks	medium
110186	SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2018:1447-1)	Nessus	SuSE Local Security Checks	medium
110135	EulerOS 2.0 SP2 : java-1.8.0-openjdk (EulerOS-SA-2018-1131)	Nessus	Huawei Local Security Checks	medium
110134	EulerOS 2.0 SP1 : java-1.8.0-openjdk (EulerOS-SA-2018-1130)	Nessus	Huawei Local Security Checks	medium
110133	EulerOS 2.0 SP2 : java-1.7.0-openjdk (EulerOS-SA-2018-1129)	Nessus	Huawei Local Security Checks	medium
110132	EulerOS 2.0 SP1 : java-1.7.0-openjdk (EulerOS-SA-2018-1128)	Nessus	Huawei Local Security Checks	medium
110118	RHEL 6 : java-1.7.1-ibm (RHSA-2018:1724)	Nessus	Red Hat Local Security Checks	medium
110117	RHEL 7 : java-1.7.1-ibm (RHSA-2018:1723)	Nessus	Red Hat Local Security Checks	medium
110116	RHEL 6 : java-1.8.0-ibm (RHSA-2018:1722)	Nessus	Red Hat Local Security Checks	medium
110115	RHEL 7 : java-1.8.0-ibm (RHSA-2018:1721)	Nessus	Red Hat Local Security Checks	medium
109723	Ubuntu 16.04 LTS / 17.10 : openjdk-8 vulnerabilities (USN-3644-1)	Nessus	Ubuntu Local Security Checks	medium
109695	Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2018-1007)	Nessus	Amazon Linux Local Security Checks	medium
109686	Amazon Linux 2 : java-1.7.0-openjdk (ALAS-2018-1007)	Nessus	Amazon Linux Local Security Checks	medium
109571	Scientific Linux Security Update : java-1.7.0-openjdk on SL7.x x86_64	Nessus	Scientific Linux Local Security Checks	medium
109546	RHEL 7 : java-1.7.0-openjdk (RHSA-2018:1278)	Nessus	Red Hat Local Security Checks	medium
109542	Oracle Linux 7 : java-1.7.0-openjdk (ELSA-2018-1278)	Nessus	Oracle Linux Local Security Checks	medium
109530	CentOS 6 : java-1.7.0-openjdk (CESA-2018:1270)	Nessus	CentOS Local Security Checks	medium
109527	CentOS 6 : java-1.8.0-openjdk (CESA-2018:1188)	Nessus	CentOS Local Security Checks	medium
109465	Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	medium
109461	Scientific Linux Security Update : java-1.8.0-openjdk on SL7.x x86_64	Nessus	Scientific Linux Local Security Checks	medium
109444	RHEL 6 : java-1.7.0-openjdk (RHSA-2018:1270)	Nessus	Red Hat Local Security Checks	medium
109440	Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2018-1270)	Nessus	Oracle Linux Local Security Checks	medium
109414	Debian DSA-4185-1 : openjdk-8 - security update	Nessus	Debian Local Security Checks	medium
109367	Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2018-1002)	Nessus	Amazon Linux Local Security Checks	medium
109363	Amazon Linux 2 : java-1.8.0-openjdk (ALAS-2018-1002)	Nessus	Amazon Linux Local Security Checks	medium
109307	RHEL 6 : java-1.7.0-oracle (RHSA-2018:1206)	Nessus	Red Hat Local Security Checks	medium
109305	RHEL 7 : java-1.8.0-oracle (RHSA-2018:1204)	Nessus	Red Hat Local Security Checks	medium
109303	RHEL 6 : java-1.8.0-oracle (RHSA-2018:1202)	Nessus	Red Hat Local Security Checks	medium
109302	RHEL 7 : java-1.7.0-oracle (RHSA-2018:1201)	Nessus	Red Hat Local Security Checks	medium
109207	Oracle JRockit R28.3.17 Multiple Vulnerabilities (April 2018 CPU)	Nessus	Windows	medium
109203	Oracle Java SE Multiple Vulnerabilities (April 2018 CPU) (Unix)	Nessus	Misc.	medium
109202	Oracle Java SE Multiple Vulnerabilities (April 2018 CPU)	Nessus	Windows	medium
109196	Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	medium
109195	RHEL 7 : java-1.8.0-openjdk (RHSA-2018:1191)	Nessus	Red Hat Local Security Checks	medium
109194	RHEL 6 : java-1.8.0-openjdk (RHSA-2018:1188)	Nessus	Red Hat Local Security Checks	medium
109193	Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2018-1191)	Nessus	Oracle Linux Local Security Checks	medium
109192	Oracle Linux 6 : java-1.8.0-openjdk (ELSA-2018-1188)	Nessus	Oracle Linux Local Security Checks	medium

CVE-2018-2796

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0