VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-mf9y-bpcs-f3df

Essentials
Severities (41)
References (79)
Severity details (31)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-mf9y-bpcs-f3df
Aliases	CVE-2018-2952
Summary	security update
Status	Published
Exploitability	0.5
Weighted Severity	3.9
Risk	1.9
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-770

Allocation of Resources Without Limits or Throttling

System	Score	Found at
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:2241
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:2242
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:2253
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:2254
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:2255
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:2256
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:2283
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:2286
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:2568
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:2569
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:2575
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:2576
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:2712
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:2713
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:3007
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:3008
cvssv3	3.7	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2952.json
epss	0.00067	https://api.first.org/data/v1/epss?cve=CVE-2018-2952
epss	0.00067	https://api.first.org/data/v1/epss?cve=CVE-2018-2952
epss	0.00067	https://api.first.org/data/v1/epss?cve=CVE-2018-2952
epss	0.00073	https://api.first.org/data/v1/epss?cve=CVE-2018-2952
epss	0.00073	https://api.first.org/data/v1/epss?cve=CVE-2018-2952
epss	0.00073	https://api.first.org/data/v1/epss?cve=CVE-2018-2952
epss	0.00073	https://api.first.org/data/v1/epss?cve=CVE-2018-2952
epss	0.00073	https://api.first.org/data/v1/epss?cve=CVE-2018-2952
epss	0.00119	https://api.first.org/data/v1/epss?cve=CVE-2018-2952
epss	0.00119	https://api.first.org/data/v1/epss?cve=CVE-2018-2952
cvssv3	3.7	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
ssvc	Track	https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html
cvssv2	4.3	https://nvd.nist.gov/vuln/detail/CVE-2018-2952
cvssv3.1	3.7	https://nvd.nist.gov/vuln/detail/CVE-2018-2952
ssvc	Track	https://security.netapp.com/advisory/ntap-20180726-0001/
ssvc	Track	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03882en_us
ssvc	Track	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03928en_us
ssvc	Track	https://usn.ubuntu.com/3734-1/
ssvc	Track	https://usn.ubuntu.com/3735-1/
ssvc	Track	https://usn.ubuntu.com/3747-1/
ssvc	Track	https://www.debian.org/security/2018/dsa-4268
ssvc	Track	http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
ssvc	Track	http://www.securityfocus.com/bid/104765
ssvc	Track	http://www.securitytracker.com/id/1041302

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2952.json
		https://api.first.org/data/v1/epss?cve=CVE-2018-2952
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2952
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html
		https://security.netapp.com/advisory/ntap-20180726-0001/
		https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03882en_us
		https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03928en_us
		https://www.debian.org/security/2018/dsa-4268
		http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
		http://www.securityfocus.com/bid/104765
		http://www.securitytracker.com/id/1041302
1600925		https://bugzilla.redhat.com/show_bug.cgi?id=1600925
cpe:2.3:a:hp:xp7_command_view:::::advanced:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp7_command_view:::::advanced:::*
cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere::
cpe:2.3:a:netapp:active_iq_unified_manager:-:::::windows::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:::::windows::
cpe:2.3:a:netapp:cloud_backup:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:::::::*
cpe:2.3:a:netapp:e-series_santricity_os_controller::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_os_controller::::::::
cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:::::::*
cpe:2.3:a:netapp:oncommand_insight:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:::::::*
cpe:2.3:a:netapp:oncommand_unified_manager:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:::::::*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:::::::*
cpe:2.3:a:netapp:snapmanager:-:::::oracle::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:::::oracle::
cpe:2.3:a:netapp:snapmanager:-:::::sap::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:::::sap::
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap::::::vmware_vsphere::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap::::::vmware_vsphere::*
cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap::::::::
cpe:2.3:a:netapp:virtual_storage_console::::::vmware_vsphere::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:virtual_storage_console::::::vmware_vsphere::*
cpe:2.3:a:oracle:jdk:10.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:10.0.1:::::::*
cpe:2.3:a:oracle:jdk:1.6.0:update191::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update191::::::
cpe:2.3:a:oracle:jdk:1.7.0:update181::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update181::::::
cpe:2.3:a:oracle:jdk:1.8.0:update172::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update172::::::
cpe:2.3:a:oracle:jre:10.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:10.0.1:::::::*
cpe:2.3:a:oracle:jre:1.6.0:update191::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update191::::::
cpe:2.3:a:oracle:jre:1.7.0:update181::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update181::::::
cpe:2.3:a:oracle:jre:1.8.0:update172::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update172::::::
cpe:2.3:a:oracle:jrockit:r28.3.18:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jrockit:r28.3.18:::::::*
cpe:2.3:a:redhat:satellite:5.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.6:::::::*
cpe:2.3:a:redhat:satellite:5.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.7:::::::*
cpe:2.3:a:redhat:satellite:5.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.8:::::::*
cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:debian:debian_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
CVE-2018-2952		https://nvd.nist.gov/vuln/detail/CVE-2018-2952
RHSA-2018:2241		https://access.redhat.com/errata/RHSA-2018:2241
RHSA-2018:2242		https://access.redhat.com/errata/RHSA-2018:2242
RHSA-2018:2253		https://access.redhat.com/errata/RHSA-2018:2253
RHSA-2018:2254		https://access.redhat.com/errata/RHSA-2018:2254
RHSA-2018:2255		https://access.redhat.com/errata/RHSA-2018:2255
RHSA-2018:2256		https://access.redhat.com/errata/RHSA-2018:2256
RHSA-2018:2283		https://access.redhat.com/errata/RHSA-2018:2283
RHSA-2018:2286		https://access.redhat.com/errata/RHSA-2018:2286
RHSA-2018:2568		https://access.redhat.com/errata/RHSA-2018:2568
RHSA-2018:2569		https://access.redhat.com/errata/RHSA-2018:2569
RHSA-2018:2575		https://access.redhat.com/errata/RHSA-2018:2575
RHSA-2018:2576		https://access.redhat.com/errata/RHSA-2018:2576
RHSA-2018:2712		https://access.redhat.com/errata/RHSA-2018:2712
RHSA-2018:2713		https://access.redhat.com/errata/RHSA-2018:2713
RHSA-2018:3007		https://access.redhat.com/errata/RHSA-2018:3007
RHSA-2018:3008		https://access.redhat.com/errata/RHSA-2018:3008
USN-3734-1		https://usn.ubuntu.com/3734-1/
USN-3735-1		https://usn.ubuntu.com/3735-1/
USN-3747-1		https://usn.ubuntu.com/3747-1/

No exploits are available.

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://access.redhat.com/errata/RHSA-2018:2241

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://access.redhat.com/errata/RHSA-2018:2242

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://access.redhat.com/errata/RHSA-2018:2253

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://access.redhat.com/errata/RHSA-2018:2254

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://access.redhat.com/errata/RHSA-2018:2255

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://access.redhat.com/errata/RHSA-2018:2256

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://access.redhat.com/errata/RHSA-2018:2283

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://access.redhat.com/errata/RHSA-2018:2286

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://access.redhat.com/errata/RHSA-2018:2568

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://access.redhat.com/errata/RHSA-2018:2569

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://access.redhat.com/errata/RHSA-2018:2575

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://access.redhat.com/errata/RHSA-2018:2576

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://access.redhat.com/errata/RHSA-2018:2712

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://access.redhat.com/errata/RHSA-2018:2713

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://access.redhat.com/errata/RHSA-2018:3007

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://access.redhat.com/errata/RHSA-2018:3008

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2952.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2018-2952

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://nvd.nist.gov/vuln/detail/CVE-2018-2952

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://security.netapp.com/advisory/ntap-20180726-0001/

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03882en_us

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03928en_us

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://usn.ubuntu.com/3734-1/

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://usn.ubuntu.com/3735-1/

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://usn.ubuntu.com/3747-1/

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at https://www.debian.org/security/2018/dsa-4268

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at http://www.securityfocus.com/bid/104765

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:11:07Z/ Found at http://www.securitytracker.com/id/1041302

Exploit Prediction Scoring System (EPSS)

Percentile	0.20789
EPSS Score	0.00067
Published At	April 9, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:48:40.608054+00:00	Debian Oval Importer	Import	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.0.0

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2952.json
		https://api.first.org/data/v1/epss?cve=CVE-2018-2952
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2952
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html
		https://security.netapp.com/advisory/ntap-20180726-0001/
		https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03882en_us
		https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03928en_us
		https://www.debian.org/security/2018/dsa-4268
		http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
		http://www.securityfocus.com/bid/104765
		http://www.securitytracker.com/id/1041302
1600925		https://bugzilla.redhat.com/show_bug.cgi?id=1600925
cpe:2.3:a:hp:xp7_command_view:::::advanced:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp7_command_view:::::advanced:::*
cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere::
cpe:2.3:a:netapp:active_iq_unified_manager:-:::::windows::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:::::windows::
cpe:2.3:a:netapp:cloud_backup:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:::::::*
cpe:2.3:a:netapp:e-series_santricity_os_controller::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_os_controller::::::::
cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:::::::*
cpe:2.3:a:netapp:oncommand_insight:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:::::::*
cpe:2.3:a:netapp:oncommand_unified_manager:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:::::::*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:::::::*
cpe:2.3:a:netapp:snapmanager:-:::::oracle::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:::::oracle::
cpe:2.3:a:netapp:snapmanager:-:::::sap::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:::::sap::
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap::::::vmware_vsphere::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap::::::vmware_vsphere::*
cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap::::::::
cpe:2.3:a:netapp:virtual_storage_console::::::vmware_vsphere::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:virtual_storage_console::::::vmware_vsphere::*
cpe:2.3:a:oracle:jdk:10.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:10.0.1:::::::*
cpe:2.3:a:oracle:jdk:1.6.0:update191::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update191::::::
cpe:2.3:a:oracle:jdk:1.7.0:update181::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update181::::::
cpe:2.3:a:oracle:jdk:1.8.0:update172::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update172::::::
cpe:2.3:a:oracle:jre:10.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:10.0.1:::::::*
cpe:2.3:a:oracle:jre:1.6.0:update191::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update191::::::
cpe:2.3:a:oracle:jre:1.7.0:update181::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update181::::::
cpe:2.3:a:oracle:jre:1.8.0:update172::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update172::::::
cpe:2.3:a:oracle:jrockit:r28.3.18:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jrockit:r28.3.18:::::::*
cpe:2.3:a:redhat:satellite:5.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.6:::::::*
cpe:2.3:a:redhat:satellite:5.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.7:::::::*
cpe:2.3:a:redhat:satellite:5.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.8:::::::*
cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:debian:debian_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
CVE-2018-2952		https://nvd.nist.gov/vuln/detail/CVE-2018-2952
RHSA-2018:2241		https://access.redhat.com/errata/RHSA-2018:2241
RHSA-2018:2242		https://access.redhat.com/errata/RHSA-2018:2242
RHSA-2018:2253		https://access.redhat.com/errata/RHSA-2018:2253
RHSA-2018:2254		https://access.redhat.com/errata/RHSA-2018:2254
RHSA-2018:2255		https://access.redhat.com/errata/RHSA-2018:2255
RHSA-2018:2256		https://access.redhat.com/errata/RHSA-2018:2256
RHSA-2018:2283		https://access.redhat.com/errata/RHSA-2018:2283
RHSA-2018:2286		https://access.redhat.com/errata/RHSA-2018:2286
RHSA-2018:2568		https://access.redhat.com/errata/RHSA-2018:2568
RHSA-2018:2569		https://access.redhat.com/errata/RHSA-2018:2569
RHSA-2018:2575		https://access.redhat.com/errata/RHSA-2018:2575
RHSA-2018:2576		https://access.redhat.com/errata/RHSA-2018:2576
RHSA-2018:2712		https://access.redhat.com/errata/RHSA-2018:2712
RHSA-2018:2713		https://access.redhat.com/errata/RHSA-2018:2713
RHSA-2018:3007		https://access.redhat.com/errata/RHSA-2018:3007
RHSA-2018:3008		https://access.redhat.com/errata/RHSA-2018:3008
USN-3734-1		https://usn.ubuntu.com/3734-1/
USN-3735-1		https://usn.ubuntu.com/3735-1/
USN-3747-1		https://usn.ubuntu.com/3747-1/