VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-pu3q-ekmz-2qb7

Essentials
Severities (47)
References (65)
Severity details (29)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-pu3q-ekmz-2qb7
Aliases	CVE-2019-2422
Summary	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).
Status	Published
Exploitability	0.5
Weighted Severity	2.8
Risk	1.4
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

System	Score	Found at
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00028.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.html
ssvc	Track	https://access.redhat.com/errata/RHSA-2019:0416
ssvc	Track	https://access.redhat.com/errata/RHSA-2019:0435
ssvc	Track	https://access.redhat.com/errata/RHSA-2019:0436
ssvc	Track	https://access.redhat.com/errata/RHSA-2019:0462
ssvc	Track	https://access.redhat.com/errata/RHSA-2019:0464
ssvc	Track	https://access.redhat.com/errata/RHSA-2019:0469
ssvc	Track	https://access.redhat.com/errata/RHSA-2019:0472
ssvc	Track	https://access.redhat.com/errata/RHSA-2019:0473
ssvc	Track	https://access.redhat.com/errata/RHSA-2019:0474
ssvc	Track	https://access.redhat.com/errata/RHSA-2019:0640
ssvc	Track	https://access.redhat.com/errata/RHSA-2019:1238
cvssv3	3.1	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2422.json
epss	0.00128	https://api.first.org/data/v1/epss?cve=CVE-2019-2422
epss	0.00128	https://api.first.org/data/v1/epss?cve=CVE-2019-2422
epss	0.00128	https://api.first.org/data/v1/epss?cve=CVE-2019-2422
epss	0.00128	https://api.first.org/data/v1/epss?cve=CVE-2019-2422
epss	0.00128	https://api.first.org/data/v1/epss?cve=CVE-2019-2422
epss	0.00128	https://api.first.org/data/v1/epss?cve=CVE-2019-2422
epss	0.00128	https://api.first.org/data/v1/epss?cve=CVE-2019-2422
epss	0.00128	https://api.first.org/data/v1/epss?cve=CVE-2019-2422
epss	0.00128	https://api.first.org/data/v1/epss?cve=CVE-2019-2422
epss	0.00128	https://api.first.org/data/v1/epss?cve=CVE-2019-2422
epss	0.00128	https://api.first.org/data/v1/epss?cve=CVE-2019-2422
epss	0.00128	https://api.first.org/data/v1/epss?cve=CVE-2019-2422
epss	0.00128	https://api.first.org/data/v1/epss?cve=CVE-2019-2422
epss	0.00128	https://api.first.org/data/v1/epss?cve=CVE-2019-2422
epss	0.00128	https://api.first.org/data/v1/epss?cve=CVE-2019-2422
epss	0.00128	https://api.first.org/data/v1/epss?cve=CVE-2019-2422
epss	0.00128	https://api.first.org/data/v1/epss?cve=CVE-2019-2422
epss	0.00128	https://api.first.org/data/v1/epss?cve=CVE-2019-2422
cvssv3	3.1	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
ssvc	Track	https://lists.debian.org/debian-lts-announce/2019/03/msg00033.html
cvssv2	2.6	https://nvd.nist.gov/vuln/detail/CVE-2019-2422
cvssv3.1	3.1	https://nvd.nist.gov/vuln/detail/CVE-2019-2422
ssvc	Track	https://seclists.org/bugtraq/2019/Mar/27
ssvc	Track	https://security.gentoo.org/glsa/201903-14
ssvc	Track	https://security.netapp.com/advisory/ntap-20190118-0001/
ssvc	Track	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03958en_us
ssvc	Track	https://usn.ubuntu.com/3875-1/
ssvc	Track	https://usn.ubuntu.com/3942-1/
ssvc	Track	https://usn.ubuntu.com/3949-1/
ssvc	Track	https://www.debian.org/security/2019/dsa-4410
ssvc	Track	http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
ssvc	Track	http://www.securityfocus.com/bid/106596

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2422.json
		https://api.first.org/data/v1/epss?cve=CVE-2019-2422
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2422
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
106596		http://www.securityfocus.com/bid/106596
1665945		https://bugzilla.redhat.com/show_bug.cgi?id=1665945
201903-14		https://security.gentoo.org/glsa/201903-14
27		https://seclists.org/bugtraq/2019/Mar/27
cpe:2.3:a:hp:xp7_command_view:::::advanced:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp7_command_view:::::advanced:::*
cpe:2.3:a:netapp:oncommand_unified_manager::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager::::::::
cpe:2.3:a:netapp:oncommand_unified_manager::::::vmware::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager::::::vmware::*
cpe:2.3:a:netapp:oncommand_unified_manager::::::windows::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager::::::windows::*
cpe:2.3:a:netapp:oncommand_workflow_automation::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation::::::::
cpe:2.3:a:netapp:snapmanager:-:::::oracle::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:::::oracle::
cpe:2.3:a:netapp:snapmanager:-:::::sap::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:::::sap::
cpe:2.3:a:oracle:jdk:11.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:11.0.1:::::::*
cpe:2.3:a:oracle:jdk:1.7.0:update201::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update201::::::
cpe:2.3:a:oracle:jdk:1.8.0:update192::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update192::::::
cpe:2.3:a:oracle:jre:11.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:11.0.1:::::::*
cpe:2.3:a:oracle:jre:1.7.0:update201::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update201::::::
cpe:2.3:a:oracle:jre:1.8.0:update192::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update192::::::
cpe:2.3:a:redhat:satellite:5.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.8:::::::*
cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:debian:debian_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
cpe:2.3:o:opensuse:leap:15.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
cpe:2.3:o:opensuse:leap:42.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*
cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
CVE-2019-2422		https://nvd.nist.gov/vuln/detail/CVE-2019-2422
display?docLocale=en_US&docId=emr_na-hpesbst03958en_us		https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03958en_us
dsa-4410		https://www.debian.org/security/2019/dsa-4410
msg00013.html		http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.html
msg00028.html		http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00028.html
msg00033.html		https://lists.debian.org/debian-lts-announce/2019/03/msg00033.html
msg00059.html		http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html
ntap-20190118-0001		https://security.netapp.com/advisory/ntap-20190118-0001/
RHSA-2019:0416		https://access.redhat.com/errata/RHSA-2019:0416
RHSA-2019:0435		https://access.redhat.com/errata/RHSA-2019:0435
RHSA-2019:0436		https://access.redhat.com/errata/RHSA-2019:0436
RHSA-2019:0462		https://access.redhat.com/errata/RHSA-2019:0462
RHSA-2019:0464		https://access.redhat.com/errata/RHSA-2019:0464
RHSA-2019:0469		https://access.redhat.com/errata/RHSA-2019:0469
RHSA-2019:0472		https://access.redhat.com/errata/RHSA-2019:0472
RHSA-2019:0473		https://access.redhat.com/errata/RHSA-2019:0473
RHSA-2019:0474		https://access.redhat.com/errata/RHSA-2019:0474
RHSA-2019:0640		https://access.redhat.com/errata/RHSA-2019:0640
RHSA-2019:1238		https://access.redhat.com/errata/RHSA-2019:1238
USN-3875-1		https://usn.ubuntu.com/3875-1/
USN-3942-1		https://usn.ubuntu.com/3942-1/
USN-3949-1		https://usn.ubuntu.com/3949-1/

No exploits are available.

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00028.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at https://access.redhat.com/errata/RHSA-2019:0416

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at https://access.redhat.com/errata/RHSA-2019:0435

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at https://access.redhat.com/errata/RHSA-2019:0436

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at https://access.redhat.com/errata/RHSA-2019:0462

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at https://access.redhat.com/errata/RHSA-2019:0464

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at https://access.redhat.com/errata/RHSA-2019:0469

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at https://access.redhat.com/errata/RHSA-2019:0472

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at https://access.redhat.com/errata/RHSA-2019:0473

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at https://access.redhat.com/errata/RHSA-2019:0474

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at https://access.redhat.com/errata/RHSA-2019:0640

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at https://access.redhat.com/errata/RHSA-2019:1238

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2422.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at https://lists.debian.org/debian-lts-announce/2019/03/msg00033.html

Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2019-2422

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2019-2422

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at https://seclists.org/bugtraq/2019/Mar/27

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at https://security.gentoo.org/glsa/201903-14

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at https://security.netapp.com/advisory/ntap-20190118-0001/

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03958en_us

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at https://usn.ubuntu.com/3875-1/

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at https://usn.ubuntu.com/3942-1/

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at https://usn.ubuntu.com/3949-1/

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at https://www.debian.org/security/2019/dsa-4410

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/ Found at http://www.securityfocus.com/bid/106596

Exploit Prediction Scoring System (EPSS)

Percentile	0.33111
EPSS Score	0.00128
Published At	July 30, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:29:20.462981+00:00	Alpine Linux Importer	Import	https://secdb.alpinelinux.org/v3.14/community.json	37.0.0

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2422.json
		https://api.first.org/data/v1/epss?cve=CVE-2019-2422
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2422
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
106596		http://www.securityfocus.com/bid/106596
1665945		https://bugzilla.redhat.com/show_bug.cgi?id=1665945
201903-14		https://security.gentoo.org/glsa/201903-14
27		https://seclists.org/bugtraq/2019/Mar/27
cpe:2.3:a:hp:xp7_command_view:::::advanced:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp7_command_view:::::advanced:::*
cpe:2.3:a:netapp:oncommand_unified_manager::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager::::::::
cpe:2.3:a:netapp:oncommand_unified_manager::::::vmware::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager::::::vmware::*
cpe:2.3:a:netapp:oncommand_unified_manager::::::windows::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager::::::windows::*
cpe:2.3:a:netapp:oncommand_workflow_automation::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation::::::::
cpe:2.3:a:netapp:snapmanager:-:::::oracle::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:::::oracle::
cpe:2.3:a:netapp:snapmanager:-:::::sap::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:::::sap::
cpe:2.3:a:oracle:jdk:11.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:11.0.1:::::::*
cpe:2.3:a:oracle:jdk:1.7.0:update201::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update201::::::
cpe:2.3:a:oracle:jdk:1.8.0:update192::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update192::::::
cpe:2.3:a:oracle:jre:11.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:11.0.1:::::::*
cpe:2.3:a:oracle:jre:1.7.0:update201::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update201::::::
cpe:2.3:a:oracle:jre:1.8.0:update192::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update192::::::
cpe:2.3:a:redhat:satellite:5.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.8:::::::*
cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:debian:debian_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
cpe:2.3:o:opensuse:leap:15.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
cpe:2.3:o:opensuse:leap:42.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*
cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
CVE-2019-2422		https://nvd.nist.gov/vuln/detail/CVE-2019-2422
display?docLocale=en_US&docId=emr_na-hpesbst03958en_us		https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03958en_us
dsa-4410		https://www.debian.org/security/2019/dsa-4410
msg00013.html		http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.html
msg00028.html		http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00028.html
msg00033.html		https://lists.debian.org/debian-lts-announce/2019/03/msg00033.html
msg00059.html		http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html
ntap-20190118-0001		https://security.netapp.com/advisory/ntap-20190118-0001/
RHSA-2019:0416		https://access.redhat.com/errata/RHSA-2019:0416
RHSA-2019:0435		https://access.redhat.com/errata/RHSA-2019:0435
RHSA-2019:0436		https://access.redhat.com/errata/RHSA-2019:0436
RHSA-2019:0462		https://access.redhat.com/errata/RHSA-2019:0462
RHSA-2019:0464		https://access.redhat.com/errata/RHSA-2019:0464
RHSA-2019:0469		https://access.redhat.com/errata/RHSA-2019:0469
RHSA-2019:0472		https://access.redhat.com/errata/RHSA-2019:0472
RHSA-2019:0473		https://access.redhat.com/errata/RHSA-2019:0473
RHSA-2019:0474		https://access.redhat.com/errata/RHSA-2019:0474
RHSA-2019:0640		https://access.redhat.com/errata/RHSA-2019:0640
RHSA-2019:1238		https://access.redhat.com/errata/RHSA-2019:1238
USN-3875-1		https://usn.ubuntu.com/3875-1/
USN-3942-1		https://usn.ubuntu.com/3942-1/
USN-3949-1		https://usn.ubuntu.com/3949-1/