VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-r6cy-u268-6qa3

Essentials
Severities (51)
References (72)
Severity details (33)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-r6cy-u268-6qa3
Aliases	CVE-2018-2799
Summary	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
Status	Published
Exploitability	0.5
Weighted Severity	4.8
Risk	2.4
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-770

Allocation of Resources Without Limits or Throttling

System	Score	Found at
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1188
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1191
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1201
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1202
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1204
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1206
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1270
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1278
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1721
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1722
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1723
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1724
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1974
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1975
cvssv3	5.3	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2799.json
epss	0.0014	https://api.first.org/data/v1/epss?cve=CVE-2018-2799
epss	0.0014	https://api.first.org/data/v1/epss?cve=CVE-2018-2799
epss	0.0014	https://api.first.org/data/v1/epss?cve=CVE-2018-2799
epss	0.0014	https://api.first.org/data/v1/epss?cve=CVE-2018-2799
epss	0.0014	https://api.first.org/data/v1/epss?cve=CVE-2018-2799
epss	0.0014	https://api.first.org/data/v1/epss?cve=CVE-2018-2799
epss	0.0014	https://api.first.org/data/v1/epss?cve=CVE-2018-2799
epss	0.0014	https://api.first.org/data/v1/epss?cve=CVE-2018-2799
epss	0.0014	https://api.first.org/data/v1/epss?cve=CVE-2018-2799
epss	0.0014	https://api.first.org/data/v1/epss?cve=CVE-2018-2799
epss	0.0014	https://api.first.org/data/v1/epss?cve=CVE-2018-2799
epss	0.0014	https://api.first.org/data/v1/epss?cve=CVE-2018-2799
epss	0.0014	https://api.first.org/data/v1/epss?cve=CVE-2018-2799
epss	0.0014	https://api.first.org/data/v1/epss?cve=CVE-2018-2799
epss	0.0014	https://api.first.org/data/v1/epss?cve=CVE-2018-2799
epss	0.0014	https://api.first.org/data/v1/epss?cve=CVE-2018-2799
epss	0.0014	https://api.first.org/data/v1/epss?cve=CVE-2018-2799
epss	0.0014	https://api.first.org/data/v1/epss?cve=CVE-2018-2799
cvssv3	5.3	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
ssvc	Track	https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
ssvc	Track	https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E
ssvc	Track	https://lists.apache.org/thread.html/b53d4601ecd9ec63c799dbe1bc5b78e0d52f4cef429da2dfe63cf06d%40%3Cfop-dev.xmlgraphics.apache.org%3E
ssvc	Track	https://lists.apache.org/thread.html/r449b5d89c7b2ba3762584cf6c38e01867d4b24706e023cf2a9911307%40%3Cuser.spark.apache.org%3E
cvssv2	5.0	https://nvd.nist.gov/vuln/detail/CVE-2018-2799
cvssv3.1	5.3	https://nvd.nist.gov/vuln/detail/CVE-2018-2799
ssvc	Track	https://security.gentoo.org/glsa/201903-14
ssvc	Track	https://security.netapp.com/advisory/ntap-20180419-0001/
ssvc	Track	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us
ssvc	Track	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03915en_us
ssvc	Track	https://usn.ubuntu.com/3644-1/
ssvc	Track	https://usn.ubuntu.com/3691-1/
ssvc	Track	https://www.debian.org/security/2018/dsa-4185
ssvc	Track	https://www.debian.org/security/2018/dsa-4225
ssvc	Track	http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
ssvc	Track	http://www.securityfocus.com/bid/103872
ssvc	Track	http://www.securitytracker.com/id/1040697

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2799.json
		https://api.first.org/data/v1/epss?cve=CVE-2018-2799
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2790
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2794
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2795
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2796
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2797
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2798
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2799
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2800
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2814
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2815
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
		https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E
		http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
103872		http://www.securityfocus.com/bid/103872
1040697		http://www.securitytracker.com/id/1040697
1567542		https://bugzilla.redhat.com/show_bug.cgi?id=1567542
201903-14		https://security.gentoo.org/glsa/201903-14
b53d4601ecd9ec63c799dbe1bc5b78e0d52f4cef429da2dfe63cf06d%40%3Cfop-dev.xmlgraphics.apache.org%3E		https://lists.apache.org/thread.html/b53d4601ecd9ec63c799dbe1bc5b78e0d52f4cef429da2dfe63cf06d%40%3Cfop-dev.xmlgraphics.apache.org%3E
cpe:2.3:a:apache:xerces-j::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:xerces-j::::::::
cpe:2.3:a:hp:xp7_command_view:::::advanced:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp7_command_view:::::advanced:::*
cpe:2.3:a:oracle:jdk:10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:10:::::::*
cpe:2.3:a:oracle:jdk:1.7.0:update171::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update171::::::
cpe:2.3:a:oracle:jdk:1.8.0:update162::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update162::::::
cpe:2.3:a:oracle:jre:10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:10:::::::*
cpe:2.3:a:oracle:jre:1.7.0:update171::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update171::::::
cpe:2.3:a:oracle:jre:1.8.0:update162::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update162::::::
cpe:2.3:a:oracle:jrockit:r28.3.17:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jrockit:r28.3.17:::::::*
cpe:2.3:a:redhat:satellite:5.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.6:::::::*
cpe:2.3:a:redhat:satellite:5.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.7:::::::*
cpe:2.3:a:redhat:satellite:5.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.8:::::::*
cpe:2.3:a:schneider-electric:struxureware_data_center_expert::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:schneider-electric:struxureware_data_center_expert::::::::
cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:debian:debian_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
CVE-2018-2799		https://nvd.nist.gov/vuln/detail/CVE-2018-2799
display?docLocale=en_US&docId=emr_na-hpesbst03857en_us		https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us
display?docLocale=en_US&docId=emr_na-hpesbst03915en_us		https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03915en_us
dsa-4185		https://www.debian.org/security/2018/dsa-4185
dsa-4225		https://www.debian.org/security/2018/dsa-4225
ntap-20180419-0001		https://security.netapp.com/advisory/ntap-20180419-0001/
r449b5d89c7b2ba3762584cf6c38e01867d4b24706e023cf2a9911307%40%3Cuser.spark.apache.org%3E		https://lists.apache.org/thread.html/r449b5d89c7b2ba3762584cf6c38e01867d4b24706e023cf2a9911307%40%3Cuser.spark.apache.org%3E
RHSA-2018:1188		https://access.redhat.com/errata/RHSA-2018:1188
RHSA-2018:1191		https://access.redhat.com/errata/RHSA-2018:1191
RHSA-2018:1201		https://access.redhat.com/errata/RHSA-2018:1201
RHSA-2018:1202		https://access.redhat.com/errata/RHSA-2018:1202
RHSA-2018:1204		https://access.redhat.com/errata/RHSA-2018:1204
RHSA-2018:1206		https://access.redhat.com/errata/RHSA-2018:1206
RHSA-2018:1270		https://access.redhat.com/errata/RHSA-2018:1270
RHSA-2018:1278		https://access.redhat.com/errata/RHSA-2018:1278
RHSA-2018:1721		https://access.redhat.com/errata/RHSA-2018:1721
RHSA-2018:1722		https://access.redhat.com/errata/RHSA-2018:1722
RHSA-2018:1723		https://access.redhat.com/errata/RHSA-2018:1723
RHSA-2018:1724		https://access.redhat.com/errata/RHSA-2018:1724
RHSA-2018:1974		https://access.redhat.com/errata/RHSA-2018:1974
RHSA-2018:1975		https://access.redhat.com/errata/RHSA-2018:1975
USN-3644-1		https://usn.ubuntu.com/3644-1/
USN-3691-1		https://usn.ubuntu.com/3691-1/

No exploits are available.

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://access.redhat.com/errata/RHSA-2018:1188

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://access.redhat.com/errata/RHSA-2018:1191

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://access.redhat.com/errata/RHSA-2018:1201

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://access.redhat.com/errata/RHSA-2018:1202

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://access.redhat.com/errata/RHSA-2018:1204

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://access.redhat.com/errata/RHSA-2018:1206

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://access.redhat.com/errata/RHSA-2018:1270

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://access.redhat.com/errata/RHSA-2018:1278

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://access.redhat.com/errata/RHSA-2018:1721

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://access.redhat.com/errata/RHSA-2018:1722

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://access.redhat.com/errata/RHSA-2018:1723

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://access.redhat.com/errata/RHSA-2018:1724

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://access.redhat.com/errata/RHSA-2018:1974

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://access.redhat.com/errata/RHSA-2018:1975

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2799.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://lists.apache.org/thread.html/b53d4601ecd9ec63c799dbe1bc5b78e0d52f4cef429da2dfe63cf06d%40%3Cfop-dev.xmlgraphics.apache.org%3E

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://lists.apache.org/thread.html/r449b5d89c7b2ba3762584cf6c38e01867d4b24706e023cf2a9911307%40%3Cuser.spark.apache.org%3E

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2018-2799

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://nvd.nist.gov/vuln/detail/CVE-2018-2799

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://security.gentoo.org/glsa/201903-14

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://security.netapp.com/advisory/ntap-20180419-0001/

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03915en_us

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://usn.ubuntu.com/3644-1/

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://usn.ubuntu.com/3691-1/

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://www.debian.org/security/2018/dsa-4185

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at https://www.debian.org/security/2018/dsa-4225

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at http://www.securityfocus.com/bid/103872

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:13:15Z/ Found at http://www.securitytracker.com/id/1040697

Exploit Prediction Scoring System (EPSS)

Percentile	0.34837
EPSS Score	0.0014
Published At	July 30, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:36:11.992056+00:00	Ubuntu USN Importer	Import	https://usn.ubuntu.com/3691-1/	37.0.0