VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-rgf4-rwp5-dqd7

Essentials
Severities (35)
References (62)
Severity details (26)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-rgf4-rwp5-dqd7
Aliases	CVE-2018-2814
Summary	Multiple vulnerabilities have been found in Oracle’s JDK and JRE software suites.
Status	Published
Exploitability	0.5
Weighted Severity	7.5
Risk	3.8
Affected and Fixed Packages	Package Details

Weaknesses (0)

There are no known CWE.

System	Score	Found at
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1188
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1191
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1201
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1202
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1203
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1204
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1205
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1206
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1270
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1278
cvssv3	7.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2814.json
epss	0.00454	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00454	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00454	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00454	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00454	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00454	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00454	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00454	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
epss	0.00454	https://api.first.org/data/v1/epss?cve=CVE-2018-2814
cvssv3	7.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
ssvc	Track	https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
cvssv2	5.1	https://nvd.nist.gov/vuln/detail/CVE-2018-2814
cvssv3.1	8.3	https://nvd.nist.gov/vuln/detail/CVE-2018-2814
ssvc	Track	https://security.gentoo.org/glsa/201903-14
ssvc	Track	https://security.netapp.com/advisory/ntap-20180419-0001/
ssvc	Track	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us
ssvc	Track	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03915en_us
ssvc	Track	https://usn.ubuntu.com/3644-1/
ssvc	Track	https://usn.ubuntu.com/3691-1/
ssvc	Track	https://www.debian.org/security/2018/dsa-4185
ssvc	Track	https://www.debian.org/security/2018/dsa-4225
ssvc	Track	http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
ssvc	Track	http://www.securityfocus.com/bid/103798
ssvc	Track	http://www.securitytracker.com/id/1040697

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2814.json
		https://api.first.org/data/v1/epss?cve=CVE-2018-2814
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2790
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2794
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2795
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2796
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2797
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2798
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2799
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2800
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2814
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2815
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
		https://security.netapp.com/advisory/ntap-20180419-0001/
		https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us
		https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03915en_us
		https://www.debian.org/security/2018/dsa-4185
		https://www.debian.org/security/2018/dsa-4225
		http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
		http://www.securityfocus.com/bid/103798
		http://www.securitytracker.com/id/1040697
1567121		https://bugzilla.redhat.com/show_bug.cgi?id=1567121
cpe:2.3:a:hp:xp7_command_view:::::advanced:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp7_command_view:::::advanced:::*
cpe:2.3:a:oracle:jdk:10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:10:::::::*
cpe:2.3:a:oracle:jdk:1.6.0:update181::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update181::::::
cpe:2.3:a:oracle:jdk:1.7.0:update171::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update171::::::
cpe:2.3:a:oracle:jdk:1.8.0:update162::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update162::::::
cpe:2.3:a:oracle:jre:10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:10:::::::*
cpe:2.3:a:oracle:jre:1.6.0:update181::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update181::::::
cpe:2.3:a:oracle:jre:1.7.0:update171::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update171::::::
cpe:2.3:a:oracle:jre:1.8.0:update162::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update162::::::
cpe:2.3:a:schneider-electric:struxureware_data_center_expert::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:schneider-electric:struxureware_data_center_expert::::::::
cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:debian:debian_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
CVE-2018-2814		https://nvd.nist.gov/vuln/detail/CVE-2018-2814
GLSA-201903-14		https://security.gentoo.org/glsa/201903-14
RHSA-2018:1188		https://access.redhat.com/errata/RHSA-2018:1188
RHSA-2018:1191		https://access.redhat.com/errata/RHSA-2018:1191
RHSA-2018:1201		https://access.redhat.com/errata/RHSA-2018:1201
RHSA-2018:1202		https://access.redhat.com/errata/RHSA-2018:1202
RHSA-2018:1203		https://access.redhat.com/errata/RHSA-2018:1203
RHSA-2018:1204		https://access.redhat.com/errata/RHSA-2018:1204
RHSA-2018:1205		https://access.redhat.com/errata/RHSA-2018:1205
RHSA-2018:1206		https://access.redhat.com/errata/RHSA-2018:1206
RHSA-2018:1270		https://access.redhat.com/errata/RHSA-2018:1270
RHSA-2018:1278		https://access.redhat.com/errata/RHSA-2018:1278
USN-3644-1		https://usn.ubuntu.com/3644-1/
USN-3691-1		https://usn.ubuntu.com/3691-1/

No exploits are available.

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://access.redhat.com/errata/RHSA-2018:1188

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://access.redhat.com/errata/RHSA-2018:1191

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://access.redhat.com/errata/RHSA-2018:1201

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://access.redhat.com/errata/RHSA-2018:1202

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://access.redhat.com/errata/RHSA-2018:1203

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://access.redhat.com/errata/RHSA-2018:1204

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://access.redhat.com/errata/RHSA-2018:1205

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://access.redhat.com/errata/RHSA-2018:1206

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://access.redhat.com/errata/RHSA-2018:1270

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://access.redhat.com/errata/RHSA-2018:1278

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2814.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2018-2814

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2018-2814

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://security.gentoo.org/glsa/201903-14

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://security.netapp.com/advisory/ntap-20180419-0001/

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03915en_us

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://usn.ubuntu.com/3644-1/

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://usn.ubuntu.com/3691-1/

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://www.debian.org/security/2018/dsa-4185

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at https://www.debian.org/security/2018/dsa-4225

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at http://www.securityfocus.com/bid/103798

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:38Z/ Found at http://www.securitytracker.com/id/1040697

Exploit Prediction Scoring System (EPSS)

Percentile	0.63715
EPSS Score	0.00454
Published At	April 1, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:02:16.466443+00:00	Gentoo Importer	Import	https://security.gentoo.org/glsa/201903-14	38.0.0