VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-vt12-bgzz-puf7

Essentials
Severities (42)
References (76)
Severity details (26)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-vt12-bgzz-puf7
Aliases	CVE-2018-2602
Summary	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: I18n). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedded executes to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L).
Status	Published
Exploitability	0.5
Weighted Severity	4.0
Risk	2.0
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-426

Untrusted Search Path

System	Score	Found at
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0095
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0099
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0100
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0115
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0349
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0351
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0352
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0458
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0521
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1463
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1812
cvssv3	4.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2602.json
epss	0.00055	https://api.first.org/data/v1/epss?cve=CVE-2018-2602
epss	0.00055	https://api.first.org/data/v1/epss?cve=CVE-2018-2602
epss	0.00055	https://api.first.org/data/v1/epss?cve=CVE-2018-2602
epss	0.00055	https://api.first.org/data/v1/epss?cve=CVE-2018-2602
epss	0.00055	https://api.first.org/data/v1/epss?cve=CVE-2018-2602
epss	0.00055	https://api.first.org/data/v1/epss?cve=CVE-2018-2602
epss	0.00055	https://api.first.org/data/v1/epss?cve=CVE-2018-2602
epss	0.00055	https://api.first.org/data/v1/epss?cve=CVE-2018-2602
epss	0.00055	https://api.first.org/data/v1/epss?cve=CVE-2018-2602
epss	0.00055	https://api.first.org/data/v1/epss?cve=CVE-2018-2602
epss	0.00055	https://api.first.org/data/v1/epss?cve=CVE-2018-2602
epss	0.00055	https://api.first.org/data/v1/epss?cve=CVE-2018-2602
epss	0.00055	https://api.first.org/data/v1/epss?cve=CVE-2018-2602
epss	0.00055	https://api.first.org/data/v1/epss?cve=CVE-2018-2602
epss	0.00075	https://api.first.org/data/v1/epss?cve=CVE-2018-2602
epss	0.00075	https://api.first.org/data/v1/epss?cve=CVE-2018-2602
cvssv3	4.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
ssvc	Track	https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
ssvc	Track	https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html
cvssv2	3.7	https://nvd.nist.gov/vuln/detail/CVE-2018-2602
cvssv3.1	4.5	https://nvd.nist.gov/vuln/detail/CVE-2018-2602
ssvc	Track	https://security.netapp.com/advisory/ntap-20180117-0001/
ssvc	Track	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us
ssvc	Track	https://usn.ubuntu.com/3613-1/
ssvc	Track	https://usn.ubuntu.com/3614-1/
ssvc	Track	https://www.debian.org/security/2018/dsa-4144
ssvc	Track	https://www.debian.org/security/2018/dsa-4166
ssvc	Track	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
ssvc	Track	http://www.securityfocus.com/bid/102642
ssvc	Track	http://www.securitytracker.com/id/1040203

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2602.json
		https://api.first.org/data/v1/epss?cve=CVE-2018-2602
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
		http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
102642		http://www.securityfocus.com/bid/102642
1040203		http://www.securitytracker.com/id/1040203
1534525		https://bugzilla.redhat.com/show_bug.cgi?id=1534525
cpe:2.3:a:hp:xp7_command_view:::::advanced:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp7_command_view:::::advanced:::*
cpe:2.3:a:hp:xp_command_view:::::advanced:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp_command_view:::::advanced:::*
cpe:2.3:a:hp:xp_p9000_command_view:::::advanced:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp_p9000_command_view:::::advanced:::*
cpe:2.3:a:oracle:jdk:1.6.0:update171::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update171::::::
cpe:2.3:a:oracle:jdk:1.7.0:update161::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update161::::::
cpe:2.3:a:oracle:jdk:1.8.0:update152::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update152::::::
cpe:2.3:a:oracle:jdk:9.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:9.0.1:::::::*
cpe:2.3:a:oracle:jre:1.6.0:update171::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update171::::::
cpe:2.3:a:oracle:jre:1.7.0:update161::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update161::::::
cpe:2.3:a:oracle:jre:1.8.0:update152::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update152::::::
cpe:2.3:a:oracle:jre:9.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:9.0.1:::::::*
cpe:2.3:a:redhat:satellite:5.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.6:::::::*
cpe:2.3:a:redhat:satellite:5.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.7:::::::*
cpe:2.3:a:redhat:satellite:5.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.8:::::::*
cpe:2.3:a:schneider-electric:struxureware_data_center_expert::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:schneider-electric:struxureware_data_center_expert::::::::
cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
cpe:2.3:o:debian:debian_linux:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:debian:debian_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
CVE-2018-2602		https://nvd.nist.gov/vuln/detail/CVE-2018-2602
display?docLocale=en_US&docId=emr_na-hpesbst03911en_us		https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us
dsa-4144		https://www.debian.org/security/2018/dsa-4144
dsa-4166		https://www.debian.org/security/2018/dsa-4166
msg00003.html		https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html
ntap-20180117-0001		https://security.netapp.com/advisory/ntap-20180117-0001/
RHSA-2018:0095		https://access.redhat.com/errata/RHSA-2018:0095
RHSA-2018:0099		https://access.redhat.com/errata/RHSA-2018:0099
RHSA-2018:0100		https://access.redhat.com/errata/RHSA-2018:0100
RHSA-2018:0115		https://access.redhat.com/errata/RHSA-2018:0115
RHSA-2018:0349		https://access.redhat.com/errata/RHSA-2018:0349
RHSA-2018:0351		https://access.redhat.com/errata/RHSA-2018:0351
RHSA-2018:0352		https://access.redhat.com/errata/RHSA-2018:0352
RHSA-2018:0458		https://access.redhat.com/errata/RHSA-2018:0458
RHSA-2018:0521		https://access.redhat.com/errata/RHSA-2018:0521
RHSA-2018:1463		https://access.redhat.com/errata/RHSA-2018:1463
RHSA-2018:1812		https://access.redhat.com/errata/RHSA-2018:1812
USN-3613-1		https://usn.ubuntu.com/3613-1/
USN-3614-1		https://usn.ubuntu.com/3614-1/

No exploits are available.

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/ Found at https://access.redhat.com/errata/RHSA-2018:0095

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/ Found at https://access.redhat.com/errata/RHSA-2018:0099

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/ Found at https://access.redhat.com/errata/RHSA-2018:0100

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/ Found at https://access.redhat.com/errata/RHSA-2018:0115

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/ Found at https://access.redhat.com/errata/RHSA-2018:0349

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/ Found at https://access.redhat.com/errata/RHSA-2018:0351

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/ Found at https://access.redhat.com/errata/RHSA-2018:0352

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/ Found at https://access.redhat.com/errata/RHSA-2018:0458

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/ Found at https://access.redhat.com/errata/RHSA-2018:0521

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/ Found at https://access.redhat.com/errata/RHSA-2018:1463

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/ Found at https://access.redhat.com/errata/RHSA-2018:1812

Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2602.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/ Found at https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/ Found at https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html

Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2018-2602

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L Found at https://nvd.nist.gov/vuln/detail/CVE-2018-2602

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/ Found at https://security.netapp.com/advisory/ntap-20180117-0001/

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/ Found at https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/ Found at https://usn.ubuntu.com/3613-1/

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/ Found at https://usn.ubuntu.com/3614-1/

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/ Found at https://www.debian.org/security/2018/dsa-4144

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/ Found at https://www.debian.org/security/2018/dsa-4166

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/ Found at http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/ Found at http://www.securityfocus.com/bid/102642

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/ Found at http://www.securitytracker.com/id/1040203

Exploit Prediction Scoring System (EPSS)

Percentile	0.17182
EPSS Score	0.00055
Published At	Aug. 1, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:36:48.166145+00:00	Ubuntu USN Importer	Import	https://usn.ubuntu.com/3614-1/	37.0.0

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2602.json
		https://api.first.org/data/v1/epss?cve=CVE-2018-2602
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
		http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
102642		http://www.securityfocus.com/bid/102642
1040203		http://www.securitytracker.com/id/1040203
1534525		https://bugzilla.redhat.com/show_bug.cgi?id=1534525
cpe:2.3:a:hp:xp7_command_view:::::advanced:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp7_command_view:::::advanced:::*
cpe:2.3:a:hp:xp_command_view:::::advanced:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp_command_view:::::advanced:::*
cpe:2.3:a:hp:xp_p9000_command_view:::::advanced:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp_p9000_command_view:::::advanced:::*
cpe:2.3:a:oracle:jdk:1.6.0:update171::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update171::::::
cpe:2.3:a:oracle:jdk:1.7.0:update161::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update161::::::
cpe:2.3:a:oracle:jdk:1.8.0:update152::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update152::::::
cpe:2.3:a:oracle:jdk:9.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:9.0.1:::::::*
cpe:2.3:a:oracle:jre:1.6.0:update171::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update171::::::
cpe:2.3:a:oracle:jre:1.7.0:update161::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update161::::::
cpe:2.3:a:oracle:jre:1.8.0:update152::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update152::::::
cpe:2.3:a:oracle:jre:9.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:9.0.1:::::::*
cpe:2.3:a:redhat:satellite:5.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.6:::::::*
cpe:2.3:a:redhat:satellite:5.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.7:::::::*
cpe:2.3:a:redhat:satellite:5.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.8:::::::*
cpe:2.3:a:schneider-electric:struxureware_data_center_expert::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:schneider-electric:struxureware_data_center_expert::::::::
cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
cpe:2.3:o:debian:debian_linux:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:debian:debian_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
CVE-2018-2602		https://nvd.nist.gov/vuln/detail/CVE-2018-2602
display?docLocale=en_US&docId=emr_na-hpesbst03911en_us		https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us
dsa-4144		https://www.debian.org/security/2018/dsa-4144
dsa-4166		https://www.debian.org/security/2018/dsa-4166
msg00003.html		https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html
ntap-20180117-0001		https://security.netapp.com/advisory/ntap-20180117-0001/
RHSA-2018:0095		https://access.redhat.com/errata/RHSA-2018:0095
RHSA-2018:0099		https://access.redhat.com/errata/RHSA-2018:0099
RHSA-2018:0100		https://access.redhat.com/errata/RHSA-2018:0100
RHSA-2018:0115		https://access.redhat.com/errata/RHSA-2018:0115
RHSA-2018:0349		https://access.redhat.com/errata/RHSA-2018:0349
RHSA-2018:0351		https://access.redhat.com/errata/RHSA-2018:0351
RHSA-2018:0352		https://access.redhat.com/errata/RHSA-2018:0352
RHSA-2018:0458		https://access.redhat.com/errata/RHSA-2018:0458
RHSA-2018:0521		https://access.redhat.com/errata/RHSA-2018:0521
RHSA-2018:1463		https://access.redhat.com/errata/RHSA-2018:1463
RHSA-2018:1812		https://access.redhat.com/errata/RHSA-2018:1812
USN-3613-1		https://usn.ubuntu.com/3613-1/
USN-3614-1		https://usn.ubuntu.com/3614-1/