vulnerability
Oracle Linux: CVE-2018-2800: ELSA-2018-1188: java-1.8.0-openjdk security update (CRITICAL) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:H/Au:N/C:P/I:P/A:N) | Apr 17, 2018 | Apr 20, 2018 | Dec 3, 2025 |
Severity
4
CVSS
(AV:N/AC:H/Au:N/C:P/I:P/A:N)
Published
Apr 17, 2018
Added
Apr 20, 2018
Modified
Dec 3, 2025
Description
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u181, 7u171 and 8u162; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, JRockit accessible data as well as unauthorized read access to a subset of Java SE, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N).
Solutions
oracle-linux-upgrade-java-1-7-0-openjdkoracle-linux-upgrade-java-1-7-0-openjdk-accessibilityoracle-linux-upgrade-java-1-7-0-openjdk-demooracle-linux-upgrade-java-1-7-0-openjdk-develoracle-linux-upgrade-java-1-7-0-openjdk-headlessoracle-linux-upgrade-java-1-7-0-openjdk-javadocoracle-linux-upgrade-java-1-7-0-openjdk-srcoracle-linux-upgrade-java-1-8-0-openjdkoracle-linux-upgrade-java-1-8-0-openjdk-accessibilityoracle-linux-upgrade-java-1-8-0-openjdk-accessibility-debugoracle-linux-upgrade-java-1-8-0-openjdk-debugoracle-linux-upgrade-java-1-8-0-openjdk-demooracle-linux-upgrade-java-1-8-0-openjdk-demo-debugoracle-linux-upgrade-java-1-8-0-openjdk-develoracle-linux-upgrade-java-1-8-0-openjdk-devel-debugoracle-linux-upgrade-java-1-8-0-openjdk-headlessoracle-linux-upgrade-java-1-8-0-openjdk-headless-debugoracle-linux-upgrade-java-1-8-0-openjdk-javadocoracle-linux-upgrade-java-1-8-0-openjdk-javadoc-debugoracle-linux-upgrade-java-1-8-0-openjdk-javadoc-ziporacle-linux-upgrade-java-1-8-0-openjdk-javadoc-zip-debugoracle-linux-upgrade-java-1-8-0-openjdk-srcoracle-linux-upgrade-java-1-8-0-openjdk-src-debug
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.