VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-27zg-g9hc-4bg1

Essentials
Severities (41)
References (70)
Severity details (32)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-27zg-g9hc-4bg1
Aliases	CVE-2018-2800
Summary	Multiple vulnerabilities have been found in Oracle’s JDK and JRE software suites.
Status	Published
Exploitability	0.5
Weighted Severity	3.8
Risk	1.9
Affected and Fixed Packages	Package Details

Weaknesses (0)

There are no known CWE.

System	Score	Found at
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1188
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1191
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1201
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1202
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1203
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1204
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1205
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1206
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1270
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1278
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1721
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1722
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1723
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1724
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1974
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1975
cvssv3	4.2	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2800.json
epss	0.00242	https://api.first.org/data/v1/epss?cve=CVE-2018-2800
epss	0.00316	https://api.first.org/data/v1/epss?cve=CVE-2018-2800
epss	0.00316	https://api.first.org/data/v1/epss?cve=CVE-2018-2800
epss	0.00316	https://api.first.org/data/v1/epss?cve=CVE-2018-2800
epss	0.00316	https://api.first.org/data/v1/epss?cve=CVE-2018-2800
epss	0.00316	https://api.first.org/data/v1/epss?cve=CVE-2018-2800
epss	0.00316	https://api.first.org/data/v1/epss?cve=CVE-2018-2800
epss	0.00316	https://api.first.org/data/v1/epss?cve=CVE-2018-2800
epss	0.00316	https://api.first.org/data/v1/epss?cve=CVE-2018-2800
cvssv3	4.2	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
ssvc	Track	https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
cvssv2	4.0	https://nvd.nist.gov/vuln/detail/CVE-2018-2800
cvssv3	4.2	https://nvd.nist.gov/vuln/detail/CVE-2018-2800
ssvc	Track	https://security.gentoo.org/glsa/201903-14
ssvc	Track	https://security.netapp.com/advisory/ntap-20180419-0001/
ssvc	Track	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us
ssvc	Track	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03915en_us
ssvc	Track	https://usn.ubuntu.com/3644-1/
ssvc	Track	https://usn.ubuntu.com/3691-1/
ssvc	Track	https://www.debian.org/security/2018/dsa-4185
ssvc	Track	https://www.debian.org/security/2018/dsa-4225
ssvc	Track	http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
ssvc	Track	http://www.securityfocus.com/bid/103849
ssvc	Track	http://www.securitytracker.com/id/1040697

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2800.json
		https://api.first.org/data/v1/epss?cve=CVE-2018-2800
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2790
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2794
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2795
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2796
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2797
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2798
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2799
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2800
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2814
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2815
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
		https://security.netapp.com/advisory/ntap-20180419-0001/
		https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us
		https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03915en_us
		https://www.debian.org/security/2018/dsa-4185
		https://www.debian.org/security/2018/dsa-4225
		http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
		http://www.securityfocus.com/bid/103849
		http://www.securitytracker.com/id/1040697
1568163		https://bugzilla.redhat.com/show_bug.cgi?id=1568163
cpe:2.3:a:hp:xp7_command_view:::::advanced:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp7_command_view:::::advanced:::*
cpe:2.3:a:oracle:jdk:1.6.0:update181::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update181::::::
cpe:2.3:a:oracle:jdk:1.7.0:update171::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update171::::::
cpe:2.3:a:oracle:jdk:1.8.0:update162::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update162::::::
cpe:2.3:a:oracle:jre:1.6.0:update181::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update181::::::
cpe:2.3:a:oracle:jre:1.7.0:update171::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update171::::::
cpe:2.3:a:oracle:jre:1.8.0:update162::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update162::::::
cpe:2.3:a:oracle:jrockit:r28.3.17:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jrockit:r28.3.17:::::::*
cpe:2.3:a:redhat:satellite:5.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.6:::::::*
cpe:2.3:a:redhat:satellite:5.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.7:::::::*
cpe:2.3:a:redhat:satellite:5.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.8:::::::*
cpe:2.3:a:schneider-electric:struxureware_data_center_expert::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:schneider-electric:struxureware_data_center_expert::::::::
cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:debian:debian_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
CVE-2018-2800		https://nvd.nist.gov/vuln/detail/CVE-2018-2800
GLSA-201903-14		https://security.gentoo.org/glsa/201903-14
RHSA-2018:1188		https://access.redhat.com/errata/RHSA-2018:1188
RHSA-2018:1191		https://access.redhat.com/errata/RHSA-2018:1191
RHSA-2018:1201		https://access.redhat.com/errata/RHSA-2018:1201
RHSA-2018:1202		https://access.redhat.com/errata/RHSA-2018:1202
RHSA-2018:1203		https://access.redhat.com/errata/RHSA-2018:1203
RHSA-2018:1204		https://access.redhat.com/errata/RHSA-2018:1204
RHSA-2018:1205		https://access.redhat.com/errata/RHSA-2018:1205
RHSA-2018:1206		https://access.redhat.com/errata/RHSA-2018:1206
RHSA-2018:1270		https://access.redhat.com/errata/RHSA-2018:1270
RHSA-2018:1278		https://access.redhat.com/errata/RHSA-2018:1278
RHSA-2018:1721		https://access.redhat.com/errata/RHSA-2018:1721
RHSA-2018:1722		https://access.redhat.com/errata/RHSA-2018:1722
RHSA-2018:1723		https://access.redhat.com/errata/RHSA-2018:1723
RHSA-2018:1724		https://access.redhat.com/errata/RHSA-2018:1724
RHSA-2018:1974		https://access.redhat.com/errata/RHSA-2018:1974
RHSA-2018:1975		https://access.redhat.com/errata/RHSA-2018:1975
USN-3644-1		https://usn.ubuntu.com/3644-1/
USN-3691-1		https://usn.ubuntu.com/3691-1/

No exploits are available.

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://access.redhat.com/errata/RHSA-2018:1188

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://access.redhat.com/errata/RHSA-2018:1191

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://access.redhat.com/errata/RHSA-2018:1201

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://access.redhat.com/errata/RHSA-2018:1202

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://access.redhat.com/errata/RHSA-2018:1203

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://access.redhat.com/errata/RHSA-2018:1204

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://access.redhat.com/errata/RHSA-2018:1205

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://access.redhat.com/errata/RHSA-2018:1206

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://access.redhat.com/errata/RHSA-2018:1270

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://access.redhat.com/errata/RHSA-2018:1278

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://access.redhat.com/errata/RHSA-2018:1721

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://access.redhat.com/errata/RHSA-2018:1722

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://access.redhat.com/errata/RHSA-2018:1723

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://access.redhat.com/errata/RHSA-2018:1724

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://access.redhat.com/errata/RHSA-2018:1974

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://access.redhat.com/errata/RHSA-2018:1975

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2800.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2018-2800

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2018-2800

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://security.gentoo.org/glsa/201903-14

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://security.netapp.com/advisory/ntap-20180419-0001/

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03915en_us

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://usn.ubuntu.com/3644-1/

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://usn.ubuntu.com/3691-1/

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://www.debian.org/security/2018/dsa-4185

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at https://www.debian.org/security/2018/dsa-4225

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at http://www.securityfocus.com/bid/103849

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:26:17Z/ Found at http://www.securitytracker.com/id/1040697

Exploit Prediction Scoring System (EPSS)

Percentile	0.47455
EPSS Score	0.00242
Published At	April 13, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:02:16.428674+00:00	Gentoo Importer	Import	https://security.gentoo.org/glsa/201903-14	38.0.0