VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-9au2-9pjy-wfc4

Essentials
Severities (44)
References (77)
Severity details (26)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-9au2-9pjy-wfc4
Aliases	CVE-2018-2588
Summary	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: LDAP). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).
Status	Published
Exploitability	0.5
Weighted Severity	3.9
Risk	1.9
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-90

Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')

System	Score	Found at
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0095
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0099
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0100
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0115
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0349
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0351
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0352
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0458
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0521
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1463
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1812
cvssv3	4.3	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2588.json
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2018-2588
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2018-2588
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2018-2588
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2018-2588
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2018-2588
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2018-2588
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2018-2588
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2018-2588
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2018-2588
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2018-2588
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2018-2588
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2018-2588
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2018-2588
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2018-2588
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2018-2588
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2018-2588
epss	0.00431	https://api.first.org/data/v1/epss?cve=CVE-2018-2588
epss	0.00431	https://api.first.org/data/v1/epss?cve=CVE-2018-2588
cvssv3	4.3	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
ssvc	Track	https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
ssvc	Track	https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html
cvssv2	4.0	https://nvd.nist.gov/vuln/detail/CVE-2018-2588
cvssv3.1	4.3	https://nvd.nist.gov/vuln/detail/CVE-2018-2588
ssvc	Track	https://security.netapp.com/advisory/ntap-20180117-0001/
ssvc	Track	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us
ssvc	Track	https://usn.ubuntu.com/3613-1/
ssvc	Track	https://usn.ubuntu.com/3614-1/
ssvc	Track	https://www.debian.org/security/2018/dsa-4144
ssvc	Track	https://www.debian.org/security/2018/dsa-4166
ssvc	Track	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
ssvc	Track	http://www.securityfocus.com/bid/102661
ssvc	Track	http://www.securitytracker.com/id/1040203

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2588.json
		https://api.first.org/data/v1/epss?cve=CVE-2018-2588
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
		http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
102661		http://www.securityfocus.com/bid/102661
1040203		http://www.securitytracker.com/id/1040203
1534299		https://bugzilla.redhat.com/show_bug.cgi?id=1534299
cpe:2.3:a:hp:xp7_command_view:::::advanced:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp7_command_view:::::advanced:::*
cpe:2.3:a:hp:xp_command_view:::::advanced:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp_command_view:::::advanced:::*
cpe:2.3:a:hp:xp_p9000_command_view:::::advanced:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp_p9000_command_view:::::advanced:::*
cpe:2.3:a:oracle:jdk:1.6.0:update171::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update171::::::
cpe:2.3:a:oracle:jdk:1.7.0:update161::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update161::::::
cpe:2.3:a:oracle:jdk:1.8.0:update152::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update152::::::
cpe:2.3:a:oracle:jdk:9.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:9.0.1:::::::*
cpe:2.3:a:oracle:jre:1.6.0:update171::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update171::::::
cpe:2.3:a:oracle:jre:1.7.0:update161::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update161::::::
cpe:2.3:a:oracle:jre:1.8.0:update152::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update152::::::
cpe:2.3:a:oracle:jre:9.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:9.0.1:::::::*
cpe:2.3:a:oracle:jrockit:r28.3.16:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jrockit:r28.3.16:::::::*
cpe:2.3:a:redhat:satellite:5.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.6:::::::*
cpe:2.3:a:redhat:satellite:5.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.7:::::::*
cpe:2.3:a:redhat:satellite:5.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.8:::::::*
cpe:2.3:a:schneider-electric:struxureware_data_center_expert::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:schneider-electric:struxureware_data_center_expert::::::::
cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
cpe:2.3:o:debian:debian_linux:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:debian:debian_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
CVE-2018-2588		https://nvd.nist.gov/vuln/detail/CVE-2018-2588
display?docLocale=en_US&docId=emr_na-hpesbst03911en_us		https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us
dsa-4144		https://www.debian.org/security/2018/dsa-4144
dsa-4166		https://www.debian.org/security/2018/dsa-4166
msg00003.html		https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html
ntap-20180117-0001		https://security.netapp.com/advisory/ntap-20180117-0001/
RHSA-2018:0095		https://access.redhat.com/errata/RHSA-2018:0095
RHSA-2018:0099		https://access.redhat.com/errata/RHSA-2018:0099
RHSA-2018:0100		https://access.redhat.com/errata/RHSA-2018:0100
RHSA-2018:0115		https://access.redhat.com/errata/RHSA-2018:0115
RHSA-2018:0349		https://access.redhat.com/errata/RHSA-2018:0349
RHSA-2018:0351		https://access.redhat.com/errata/RHSA-2018:0351
RHSA-2018:0352		https://access.redhat.com/errata/RHSA-2018:0352
RHSA-2018:0458		https://access.redhat.com/errata/RHSA-2018:0458
RHSA-2018:0521		https://access.redhat.com/errata/RHSA-2018:0521
RHSA-2018:1463		https://access.redhat.com/errata/RHSA-2018:1463
RHSA-2018:1812		https://access.redhat.com/errata/RHSA-2018:1812
USN-3613-1		https://usn.ubuntu.com/3613-1/
USN-3614-1		https://usn.ubuntu.com/3614-1/

No exploits are available.

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/ Found at https://access.redhat.com/errata/RHSA-2018:0095

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/ Found at https://access.redhat.com/errata/RHSA-2018:0099

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/ Found at https://access.redhat.com/errata/RHSA-2018:0100

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/ Found at https://access.redhat.com/errata/RHSA-2018:0115

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/ Found at https://access.redhat.com/errata/RHSA-2018:0349

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/ Found at https://access.redhat.com/errata/RHSA-2018:0351

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/ Found at https://access.redhat.com/errata/RHSA-2018:0352

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/ Found at https://access.redhat.com/errata/RHSA-2018:0458

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/ Found at https://access.redhat.com/errata/RHSA-2018:0521

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/ Found at https://access.redhat.com/errata/RHSA-2018:1463

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/ Found at https://access.redhat.com/errata/RHSA-2018:1812

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2588.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/ Found at https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/ Found at https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2018-2588

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2018-2588

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/ Found at https://security.netapp.com/advisory/ntap-20180117-0001/

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/ Found at https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/ Found at https://usn.ubuntu.com/3613-1/

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/ Found at https://usn.ubuntu.com/3614-1/

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/ Found at https://www.debian.org/security/2018/dsa-4144

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/ Found at https://www.debian.org/security/2018/dsa-4166

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/ Found at http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/ Found at http://www.securityfocus.com/bid/102661

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/ Found at http://www.securitytracker.com/id/1040203

Exploit Prediction Scoring System (EPSS)

Percentile	0.42594
EPSS Score	0.002
Published At	Aug. 1, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:36:48.129860+00:00	Ubuntu USN Importer	Import	https://usn.ubuntu.com/3614-1/	37.0.0

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2588.json
		https://api.first.org/data/v1/epss?cve=CVE-2018-2588
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
		http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
102661		http://www.securityfocus.com/bid/102661
1040203		http://www.securitytracker.com/id/1040203
1534299		https://bugzilla.redhat.com/show_bug.cgi?id=1534299
cpe:2.3:a:hp:xp7_command_view:::::advanced:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp7_command_view:::::advanced:::*
cpe:2.3:a:hp:xp_command_view:::::advanced:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp_command_view:::::advanced:::*
cpe:2.3:a:hp:xp_p9000_command_view:::::advanced:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp_p9000_command_view:::::advanced:::*
cpe:2.3:a:oracle:jdk:1.6.0:update171::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update171::::::
cpe:2.3:a:oracle:jdk:1.7.0:update161::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update161::::::
cpe:2.3:a:oracle:jdk:1.8.0:update152::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update152::::::
cpe:2.3:a:oracle:jdk:9.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:9.0.1:::::::*
cpe:2.3:a:oracle:jre:1.6.0:update171::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update171::::::
cpe:2.3:a:oracle:jre:1.7.0:update161::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update161::::::
cpe:2.3:a:oracle:jre:1.8.0:update152::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update152::::::
cpe:2.3:a:oracle:jre:9.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:9.0.1:::::::*
cpe:2.3:a:oracle:jrockit:r28.3.16:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jrockit:r28.3.16:::::::*
cpe:2.3:a:redhat:satellite:5.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.6:::::::*
cpe:2.3:a:redhat:satellite:5.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.7:::::::*
cpe:2.3:a:redhat:satellite:5.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.8:::::::*
cpe:2.3:a:schneider-electric:struxureware_data_center_expert::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:schneider-electric:struxureware_data_center_expert::::::::
cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
cpe:2.3:o:debian:debian_linux:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:debian:debian_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
CVE-2018-2588		https://nvd.nist.gov/vuln/detail/CVE-2018-2588
display?docLocale=en_US&docId=emr_na-hpesbst03911en_us		https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us
dsa-4144		https://www.debian.org/security/2018/dsa-4144
dsa-4166		https://www.debian.org/security/2018/dsa-4166
msg00003.html		https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html
ntap-20180117-0001		https://security.netapp.com/advisory/ntap-20180117-0001/
RHSA-2018:0095		https://access.redhat.com/errata/RHSA-2018:0095
RHSA-2018:0099		https://access.redhat.com/errata/RHSA-2018:0099
RHSA-2018:0100		https://access.redhat.com/errata/RHSA-2018:0100
RHSA-2018:0115		https://access.redhat.com/errata/RHSA-2018:0115
RHSA-2018:0349		https://access.redhat.com/errata/RHSA-2018:0349
RHSA-2018:0351		https://access.redhat.com/errata/RHSA-2018:0351
RHSA-2018:0352		https://access.redhat.com/errata/RHSA-2018:0352
RHSA-2018:0458		https://access.redhat.com/errata/RHSA-2018:0458
RHSA-2018:0521		https://access.redhat.com/errata/RHSA-2018:0521
RHSA-2018:1463		https://access.redhat.com/errata/RHSA-2018:1463
RHSA-2018:1812		https://access.redhat.com/errata/RHSA-2018:1812
USN-3613-1		https://usn.ubuntu.com/3613-1/
USN-3614-1		https://usn.ubuntu.com/3614-1/