VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-me5g-pge1-cuba

Essentials
Severities (44)
References (62)
Severity details (26)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-me5g-pge1-cuba
Aliases	CVE-2018-2814
Summary	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
Status	Published
Exploitability	0.5
Weighted Severity	7.5
Risk	3.8
Affected and Fixed Packages	Package Details

Weaknesses (0)

There are no known CWE.

System	Score	Found at
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1188
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1191
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1201
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1202
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1203
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1204
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1205
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1206
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1270
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1278
cvssv3	7.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2814.json
epss	0.00337	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00337	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00337	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00337	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00337	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00337	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00337	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00337	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00337	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00337	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00337	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00337	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00337	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00337	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00337	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00337	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00337	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00337	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
cvssv3	7.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
ssvc	Track	https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
cvssv2	5.1	https://nvd.nist.gov/vuln/detail/CVE-2018-2814
cvssv3.1	8.3	https://nvd.nist.gov/vuln/detail/CVE-2018-2814
ssvc	Track	https://security.gentoo.org/glsa/201903-14
ssvc	Track	https://security.netapp.com/advisory/ntap-20180419-0001/
ssvc	Track	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us
ssvc	Track	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03915en_us
ssvc	Track	https://usn.ubuntu.com/3644-1/
ssvc	Track	https://usn.ubuntu.com/3691-1/
ssvc	Track	https://www.debian.org/security/2018/dsa-4185
ssvc	Track	https://www.debian.org/security/2018/dsa-4225
ssvc	Track	http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
ssvc	Track	http://www.securityfocus.com/bid/103798
ssvc	Track	http://www.securitytracker.com/id/1040697

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2814.json
		https://api.first.org/data/v1/epss?cve=CVE-2018-2814
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2790
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2794
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2795
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2796
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2797
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2798
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2799
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2800
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2814
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2815
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
		http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
103798		http://www.securityfocus.com/bid/103798
1040697		http://www.securitytracker.com/id/1040697
1567121		https://bugzilla.redhat.com/show_bug.cgi?id=1567121
201903-14		https://security.gentoo.org/glsa/201903-14
cpe:2.3:a:hp:xp7_command_view:::::advanced:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp7_command_view:::::advanced:::*
cpe:2.3:a:oracle:jdk:10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:10:::::::*
cpe:2.3:a:oracle:jdk:1.6.0:update181::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update181::::::
cpe:2.3:a:oracle:jdk:1.7.0:update171::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update171::::::
cpe:2.3:a:oracle:jdk:1.8.0:update162::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update162::::::
cpe:2.3:a:oracle:jre:10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:10:::::::*
cpe:2.3:a:oracle:jre:1.6.0:update181::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update181::::::
cpe:2.3:a:oracle:jre:1.7.0:update171::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update171::::::
cpe:2.3:a:oracle:jre:1.8.0:update162::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update162::::::
cpe:2.3:a:schneider-electric:struxureware_data_center_expert::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:schneider-electric:struxureware_data_center_expert::::::::
cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:debian:debian_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
CVE-2018-2814		https://nvd.nist.gov/vuln/detail/CVE-2018-2814
display?docLocale=en_US&docId=emr_na-hpesbst03857en_us		https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us
display?docLocale=en_US&docId=emr_na-hpesbst03915en_us		https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03915en_us
dsa-4185		https://www.debian.org/security/2018/dsa-4185
dsa-4225		https://www.debian.org/security/2018/dsa-4225
ntap-20180419-0001		https://security.netapp.com/advisory/ntap-20180419-0001/
RHSA-2018:1188		https://access.redhat.com/errata/RHSA-2018:1188
RHSA-2018:1191		https://access.redhat.com/errata/RHSA-2018:1191
RHSA-2018:1201		https://access.redhat.com/errata/RHSA-2018:1201
RHSA-2018:1202		https://access.redhat.com/errata/RHSA-2018:1202
RHSA-2018:1203		https://access.redhat.com/errata/RHSA-2018:1203
RHSA-2018:1204		https://access.redhat.com/errata/RHSA-2018:1204
RHSA-2018:1205		https://access.redhat.com/errata/RHSA-2018:1205
RHSA-2018:1206		https://access.redhat.com/errata/RHSA-2018:1206
RHSA-2018:1270		https://access.redhat.com/errata/RHSA-2018:1270
RHSA-2018:1278		https://access.redhat.com/errata/RHSA-2018:1278
USN-3644-1		https://usn.ubuntu.com/3644-1/
USN-3691-1		https://usn.ubuntu.com/3691-1/

No exploits are available.

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://access.redhat.com/errata/RHSA-2018:1188

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://access.redhat.com/errata/RHSA-2018:1191

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://access.redhat.com/errata/RHSA-2018:1201

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://access.redhat.com/errata/RHSA-2018:1202

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://access.redhat.com/errata/RHSA-2018:1203

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://access.redhat.com/errata/RHSA-2018:1204

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://access.redhat.com/errata/RHSA-2018:1205

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://access.redhat.com/errata/RHSA-2018:1206

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://access.redhat.com/errata/RHSA-2018:1270

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://access.redhat.com/errata/RHSA-2018:1278

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2814.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2018-2814

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2018-2814

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://security.gentoo.org/glsa/201903-14

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://security.netapp.com/advisory/ntap-20180419-0001/

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03915en_us

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://usn.ubuntu.com/3644-1/

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://usn.ubuntu.com/3691-1/

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://www.debian.org/security/2018/dsa-4185

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://www.debian.org/security/2018/dsa-4225

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at http://www.securityfocus.com/bid/103798

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at http://www.securitytracker.com/id/1040697

Exploit Prediction Scoring System (EPSS)

Percentile	0.55889
EPSS Score	0.00337
Published At	July 30, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:36:12.025349+00:00	Ubuntu USN Importer	Import	https://usn.ubuntu.com/3691-1/	37.0.0