VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-krpf-angk-n3cf

Essentials
Severities (43)
References (75)
Severity details (25)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-krpf-angk-n3cf
Aliases	CVE-2019-2602
Summary	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
Status	Published
Exploitability	0.5
Weighted Severity	6.8
Risk	3.4
Affected and Fixed Packages	Package Details

Weaknesses (2)

CWE-770	Allocation of Resources Without Limits or Throttling
CWE-400	Uncontrolled Resource Consumption

System	Score	Found at
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00007.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.html
ssvc	Track	https://access.redhat.com/errata/RHBA-2019:0959
ssvc	Track	https://access.redhat.com/errata/RHSA-2019:1146
ssvc	Track	https://access.redhat.com/errata/RHSA-2019:1163
ssvc	Track	https://access.redhat.com/errata/RHSA-2019:1164
ssvc	Track	https://access.redhat.com/errata/RHSA-2019:1165
ssvc	Track	https://access.redhat.com/errata/RHSA-2019:1166
ssvc	Track	https://access.redhat.com/errata/RHSA-2019:1238
ssvc	Track	https://access.redhat.com/errata/RHSA-2019:1325
ssvc	Track	https://access.redhat.com/errata/RHSA-2019:1518
cvssv3	7.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2602.json
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2019-2602
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2019-2602
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2019-2602
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2019-2602
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2019-2602
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2019-2602
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2019-2602
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2019-2602
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2019-2602
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2019-2602
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2019-2602
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2019-2602
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2019-2602
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2019-2602
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2019-2602
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2019-2602
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2019-2602
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2019-2602
cvssv3	5.9	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
ssvc	Track	https://kc.mcafee.com/corporate/index?page=content&id=SB10285
ssvc	Track	https://lists.debian.org/debian-lts-announce/2019/05/msg00011.html
cvssv2	5.0	https://nvd.nist.gov/vuln/detail/CVE-2019-2602
cvssv3.1	7.5	https://nvd.nist.gov/vuln/detail/CVE-2019-2602
ssvc	Track	https://seclists.org/bugtraq/2019/May/75
ssvc	Track	https://security.gentoo.org/glsa/201908-10
ssvc	Track	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03959en_us
ssvc	Track	https://usn.ubuntu.com/3975-1/
ssvc	Track	https://www.debian.org/security/2019/dsa-4453
ssvc	Track	http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

Reference id	Reference type	URL
		https://access.redhat.com/errata/RHBA-2019:0959
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2602.json
		https://api.first.org/data/v1/epss?cve=CVE-2019-2602
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2602
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2684
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2698
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
1700440		https://bugzilla.redhat.com/show_bug.cgi?id=1700440
201908-10		https://security.gentoo.org/glsa/201908-10
75		https://seclists.org/bugtraq/2019/May/75
cpe:2.3:a:hp:xp7_command_view:::::advanced:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp7_command_view:::::advanced:::*
cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:-::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:-::::::
cpe:2.3:a:mcafee:epolicy_orchestrator:5.9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.9.0:::::::*
cpe:2.3:a:mcafee:epolicy_orchestrator:5.9.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.9.1:::::::*
cpe:2.3:a:oracle:jdk:11.0.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:11.0.2:::::::*
cpe:2.3:a:oracle:jdk:12:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:12:::::::*
cpe:2.3:a:oracle:jdk:1.7.0:update211::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update211::::::
cpe:2.3:a:oracle:jdk:1.8.0:update201::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update201::::::
cpe:2.3:a:oracle:jdk:1.8.0:update202::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update202::::::
cpe:2.3:a:oracle:jre:11.0.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:11.0.2:::::::*
cpe:2.3:a:oracle:jre:12:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:12:::::::*
cpe:2.3:a:oracle:jre:1.7.0:update211::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update211::::::
cpe:2.3:a:oracle:jre:1.8.0:update201::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update201::::::
cpe:2.3:a:oracle:jre:1.8.0:update202::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update202::::::
cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
cpe:2.3:a:redhat:satellite:5.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.8:::::::*
cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:debian:debian_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
cpe:2.3:o:opensuse:leap:15.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
cpe:2.3:o:opensuse:leap:42.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*
cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
CVE-2019-2602		https://nvd.nist.gov/vuln/detail/CVE-2019-2602
display?docLocale=en_US&docId=emr_na-hpesbst03959en_us		https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03959en_us
dsa-4453		https://www.debian.org/security/2019/dsa-4453
index?page=content&id=SB10285		https://kc.mcafee.com/corporate/index?page=content&id=SB10285
msg00007.html		http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00007.html
msg00011.html		https://lists.debian.org/debian-lts-announce/2019/05/msg00011.html
msg00013.html		http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.html
msg00058.html		http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html
msg00059.html		http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html
RHSA-2019:0774		https://access.redhat.com/errata/RHSA-2019:0774
RHSA-2019:0775		https://access.redhat.com/errata/RHSA-2019:0775
RHSA-2019:0778		https://access.redhat.com/errata/RHSA-2019:0778
RHSA-2019:0790		https://access.redhat.com/errata/RHSA-2019:0790
RHSA-2019:0791		https://access.redhat.com/errata/RHSA-2019:0791
RHSA-2019:1146		https://access.redhat.com/errata/RHSA-2019:1146
RHSA-2019:1163		https://access.redhat.com/errata/RHSA-2019:1163
RHSA-2019:1164		https://access.redhat.com/errata/RHSA-2019:1164
RHSA-2019:1165		https://access.redhat.com/errata/RHSA-2019:1165
RHSA-2019:1166		https://access.redhat.com/errata/RHSA-2019:1166
RHSA-2019:1238		https://access.redhat.com/errata/RHSA-2019:1238
RHSA-2019:1325		https://access.redhat.com/errata/RHSA-2019:1325
RHSA-2019:1518		https://access.redhat.com/errata/RHSA-2019:1518
USN-3975-1		https://usn.ubuntu.com/3975-1/

No exploits are available.

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00007.html

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.html

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/ Found at https://access.redhat.com/errata/RHBA-2019:0959

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/ Found at https://access.redhat.com/errata/RHSA-2019:1146

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/ Found at https://access.redhat.com/errata/RHSA-2019:1163

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/ Found at https://access.redhat.com/errata/RHSA-2019:1164

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/ Found at https://access.redhat.com/errata/RHSA-2019:1165

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/ Found at https://access.redhat.com/errata/RHSA-2019:1166

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/ Found at https://access.redhat.com/errata/RHSA-2019:1238

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/ Found at https://access.redhat.com/errata/RHSA-2019:1325

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/ Found at https://access.redhat.com/errata/RHSA-2019:1518

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2602.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/ Found at https://kc.mcafee.com/corporate/index?page=content&id=SB10285

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/ Found at https://lists.debian.org/debian-lts-announce/2019/05/msg00011.html

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2019-2602

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2019-2602

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/ Found at https://seclists.org/bugtraq/2019/May/75

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/ Found at https://security.gentoo.org/glsa/201908-10

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/ Found at https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03959en_us

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/ Found at https://usn.ubuntu.com/3975-1/

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/ Found at https://www.debian.org/security/2019/dsa-4453

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/ Found at http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

Exploit Prediction Scoring System (EPSS)

Percentile	0.29082
EPSS Score	0.00103
Published At	July 30, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:28:38.719180+00:00	Alpine Linux Importer	Import	https://secdb.alpinelinux.org/v3.15/community.json	37.0.0

Reference id	Reference type	URL
		https://access.redhat.com/errata/RHBA-2019:0959
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2602.json
		https://api.first.org/data/v1/epss?cve=CVE-2019-2602
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2602
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2684
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2698
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
1700440		https://bugzilla.redhat.com/show_bug.cgi?id=1700440
201908-10		https://security.gentoo.org/glsa/201908-10
75		https://seclists.org/bugtraq/2019/May/75
cpe:2.3:a:hp:xp7_command_view:::::advanced:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp7_command_view:::::advanced:::*
cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:-::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:-::::::
cpe:2.3:a:mcafee:epolicy_orchestrator:5.9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.9.0:::::::*
cpe:2.3:a:mcafee:epolicy_orchestrator:5.9.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.9.1:::::::*
cpe:2.3:a:oracle:jdk:11.0.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:11.0.2:::::::*
cpe:2.3:a:oracle:jdk:12:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:12:::::::*
cpe:2.3:a:oracle:jdk:1.7.0:update211::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update211::::::
cpe:2.3:a:oracle:jdk:1.8.0:update201::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update201::::::
cpe:2.3:a:oracle:jdk:1.8.0:update202::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update202::::::
cpe:2.3:a:oracle:jre:11.0.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:11.0.2:::::::*
cpe:2.3:a:oracle:jre:12:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:12:::::::*
cpe:2.3:a:oracle:jre:1.7.0:update211::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update211::::::
cpe:2.3:a:oracle:jre:1.8.0:update201::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update201::::::
cpe:2.3:a:oracle:jre:1.8.0:update202::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update202::::::
cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
cpe:2.3:a:redhat:satellite:5.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.8:::::::*
cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:debian:debian_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
cpe:2.3:o:opensuse:leap:15.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
cpe:2.3:o:opensuse:leap:42.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*
cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
CVE-2019-2602		https://nvd.nist.gov/vuln/detail/CVE-2019-2602
display?docLocale=en_US&docId=emr_na-hpesbst03959en_us		https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03959en_us
dsa-4453		https://www.debian.org/security/2019/dsa-4453
index?page=content&id=SB10285		https://kc.mcafee.com/corporate/index?page=content&id=SB10285
msg00007.html		http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00007.html
msg00011.html		https://lists.debian.org/debian-lts-announce/2019/05/msg00011.html
msg00013.html		http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.html
msg00058.html		http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html
msg00059.html		http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html
RHSA-2019:0774		https://access.redhat.com/errata/RHSA-2019:0774
RHSA-2019:0775		https://access.redhat.com/errata/RHSA-2019:0775
RHSA-2019:0778		https://access.redhat.com/errata/RHSA-2019:0778
RHSA-2019:0790		https://access.redhat.com/errata/RHSA-2019:0790
RHSA-2019:0791		https://access.redhat.com/errata/RHSA-2019:0791
RHSA-2019:1146		https://access.redhat.com/errata/RHSA-2019:1146
RHSA-2019:1163		https://access.redhat.com/errata/RHSA-2019:1163
RHSA-2019:1164		https://access.redhat.com/errata/RHSA-2019:1164
RHSA-2019:1165		https://access.redhat.com/errata/RHSA-2019:1165
RHSA-2019:1166		https://access.redhat.com/errata/RHSA-2019:1166
RHSA-2019:1238		https://access.redhat.com/errata/RHSA-2019:1238
RHSA-2019:1325		https://access.redhat.com/errata/RHSA-2019:1325
RHSA-2019:1518		https://access.redhat.com/errata/RHSA-2019:1518
USN-3975-1		https://usn.ubuntu.com/3975-1/